1/* 2 * Copyright (c) 2003-2014 Apple Inc. All rights reserved. 3 * 4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@ 5 * 6 * This file contains Original Code and/or Modifications of Original Code 7 * as defined in and that are subject to the Apple Public Source License 8 * Version 2.0 (the 'License'). You may not use this file except in 9 * compliance with the License. The rights granted to you under the License 10 * may not be used to create, or enable the creation or redistribution of, 11 * unlawful or unlicensed copies of an Apple operating system, or to 12 * circumvent, violate, or enable the circumvention or violation of, any 13 * terms of an Apple operating system software license agreement. 14 * 15 * Please obtain a copy of the License at 16 * http://www.opensource.apple.com/apsl/ and read it before using this file. 17 * 18 * The Original Code and all software distributed under the License are 19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER 20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, 21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, 22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. 23 * Please see the License for the specific language governing rights and 24 * limitations under the License. 25 * 26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@ 27 */ 28 29/* 30 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 31 * All rights reserved. 32 * 33 * Redistribution and use in source and binary forms, with or without 34 * modification, are permitted provided that the following conditions 35 * are met: 36 * 1. Redistributions of source code must retain the above copyright 37 * notice, this list of conditions and the following disclaimer. 38 * 2. Redistributions in binary form must reproduce the above copyright 39 * notice, this list of conditions and the following disclaimer in the 40 * documentation and/or other materials provided with the distribution. 41 * 3. Neither the name of the project nor the names of its contributors 42 * may be used to endorse or promote products derived from this software 43 * without specific prior written permission. 44 * 45 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 46 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 47 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 48 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 49 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 50 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 51 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 52 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 53 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 54 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 55 * SUCH DAMAGE. 56 */ 57 58 59#include <sys/param.h> 60#include <sys/systm.h> 61#include <sys/malloc.h> 62#include <sys/mbuf.h> 63#include <sys/socket.h> 64#include <sys/sockio.h> 65#include <sys/time.h> 66#include <sys/kernel.h> 67#include <sys/errno.h> 68#include <sys/syslog.h> 69#include <sys/queue.h> 70#include <sys/mcache.h> 71#include <sys/protosw.h> 72 73#include <dev/random/randomdev.h> 74 75#include <kern/locks.h> 76#include <kern/zalloc.h> 77#include <machine/machine_routines.h> 78 79#include <net/if.h> 80#include <net/if_types.h> 81#include <net/if_dl.h> 82#include <net/route.h> 83#include <net/radix.h> 84 85#include <netinet/in.h> 86#include <netinet6/in6_var.h> 87#include <netinet6/in6_ifattach.h> 88#include <netinet/ip6.h> 89#include <netinet6/ip6_var.h> 90#include <netinet6/nd6.h> 91#include <netinet/icmp6.h> 92#include <netinet6/scope6_var.h> 93 94#include <net/net_osdep.h> 95 96static void defrouter_addreq(struct nd_defrouter *, boolean_t); 97static void defrouter_delreq(struct nd_defrouter *); 98static struct nd_defrouter *defrtrlist_update_common(struct nd_defrouter *, 99 boolean_t); 100static struct nd_defrouter *defrtrlist_update(struct nd_defrouter *); 101 102static struct in6_ifaddr *in6_pfx_newpersistaddr(struct nd_prefix *, int, 103 int *); 104static void defrtrlist_sync(struct ifnet *); 105 106static struct nd_pfxrouter *pfxrtr_lookup(struct nd_prefix *, 107 struct nd_defrouter *); 108static void pfxrtr_add(struct nd_prefix *, struct nd_defrouter *); 109static void pfxrtr_del(struct nd_pfxrouter *, struct nd_prefix *); 110static struct nd_pfxrouter *find_pfxlist_reachable_router(struct nd_prefix *); 111static void nd6_rtmsg(int, struct rtentry *); 112 113static int nd6_prefix_onlink_common(struct nd_prefix *, boolean_t, 114 unsigned int); 115static struct nd_prefix *nd6_prefix_equal_lookup(struct nd_prefix *, boolean_t); 116static void nd6_prefix_sync(struct ifnet *); 117 118static void in6_init_address_ltimes(struct nd_prefix *, 119 struct in6_addrlifetime *); 120 121static int rt6_deleteroute(struct radix_node *, void *); 122 123static struct nd_defrouter *nddr_alloc(int); 124static void nddr_free(struct nd_defrouter *); 125static void nddr_trace(struct nd_defrouter *, int); 126 127static struct nd_prefix *ndpr_alloc(int); 128static void ndpr_free(struct nd_prefix *); 129static void ndpr_trace(struct nd_prefix *, int); 130 131extern int nd6_recalc_reachtm_interval; 132 133static struct ifnet *nd6_defifp; 134int nd6_defifindex; 135static unsigned int nd6_defrouter_genid; 136 137int ip6_use_tempaddr = 1; /* use temp addr by default for testing now */ 138 139int nd6_accept_6to4 = 1; 140 141int ip6_desync_factor; 142u_int32_t ip6_temp_preferred_lifetime = DEF_TEMP_PREFERRED_LIFETIME; 143u_int32_t ip6_temp_valid_lifetime = DEF_TEMP_VALID_LIFETIME; 144/* 145 * shorter lifetimes for debugging purposes. 146 * u_int32_t ip6_temp_preferred_lifetime = 800; 147 * static u_int32_t ip6_temp_valid_lifetime = 1800; 148 */ 149int ip6_temp_regen_advance = TEMPADDR_REGEN_ADVANCE; 150 151extern lck_mtx_t *nd6_mutex; 152 153/* Serialization variables for single thread access to nd_prefix */ 154static boolean_t nd_prefix_busy; 155static void *nd_prefix_waitchan = &nd_prefix_busy; 156static int nd_prefix_waiters = 0; 157 158/* Serialization variables for single thread access to nd_defrouter */ 159static boolean_t nd_defrouter_busy; 160static void *nd_defrouter_waitchan = &nd_defrouter_busy; 161static int nd_defrouter_waiters = 0; 162 163/* RTPREF_MEDIUM has to be 0! */ 164#define RTPREF_HIGH 1 165#define RTPREF_MEDIUM 0 166#define RTPREF_LOW (-1) 167#define RTPREF_RESERVED (-2) 168#define RTPREF_INVALID (-3) /* internal */ 169 170#define NDPR_TRACE_HIST_SIZE 32 /* size of trace history */ 171 172/* For gdb */ 173__private_extern__ unsigned int ndpr_trace_hist_size = NDPR_TRACE_HIST_SIZE; 174 175struct nd_prefix_dbg { 176 struct nd_prefix ndpr_pr; /* nd_prefix */ 177 u_int16_t ndpr_refhold_cnt; /* # of ref */ 178 u_int16_t ndpr_refrele_cnt; /* # of rele */ 179 /* 180 * Circular lists of ndpr_addref and ndpr_remref callers. 181 */ 182 ctrace_t ndpr_refhold[NDPR_TRACE_HIST_SIZE]; 183 ctrace_t ndpr_refrele[NDPR_TRACE_HIST_SIZE]; 184}; 185 186static unsigned int ndpr_debug; /* debug flags */ 187static unsigned int ndpr_size; /* size of zone element */ 188static struct zone *ndpr_zone; /* zone for nd_prefix */ 189 190#define NDPR_ZONE_MAX 64 /* maximum elements in zone */ 191#define NDPR_ZONE_NAME "nd6_prefix" /* zone name */ 192 193#define NDDR_TRACE_HIST_SIZE 32 /* size of trace history */ 194 195/* For gdb */ 196__private_extern__ unsigned int nddr_trace_hist_size = NDDR_TRACE_HIST_SIZE; 197 198struct nd_defrouter_dbg { 199 struct nd_defrouter nddr_dr; /* nd_defrouter */ 200 uint16_t nddr_refhold_cnt; /* # of ref */ 201 uint16_t nddr_refrele_cnt; /* # of rele */ 202 /* 203 * Circular lists of ndpr_addref and ndpr_remref callers. 204 */ 205 ctrace_t nddr_refhold[NDDR_TRACE_HIST_SIZE]; 206 ctrace_t nddr_refrele[NDDR_TRACE_HIST_SIZE]; 207}; 208 209static unsigned int nddr_debug; /* debug flags */ 210static unsigned int nddr_size; /* size of zone element */ 211static struct zone *nddr_zone; /* zone for nd_defrouter */ 212 213#define NDDR_ZONE_MAX 64 /* maximum elements in zone */ 214#define NDDR_ZONE_NAME "nd6_defrouter" /* zone name */ 215 216static unsigned int ndprtr_size; /* size of zone element */ 217static struct zone *ndprtr_zone; /* zone for nd_pfxrouter */ 218 219#define NDPRTR_ZONE_MAX 64 /* maximum elements in zone */ 220#define NDPRTR_ZONE_NAME "nd6_pfxrouter" /* zone name */ 221 222void 223nd6_rtr_init(void) 224{ 225 PE_parse_boot_argn("ifa_debug", &ndpr_debug, sizeof (ndpr_debug)); 226 PE_parse_boot_argn("ifa_debug", &nddr_debug, sizeof (nddr_debug)); 227 228 ndpr_size = (ndpr_debug == 0) ? sizeof (struct nd_prefix) : 229 sizeof (struct nd_prefix_dbg); 230 ndpr_zone = zinit(ndpr_size, NDPR_ZONE_MAX * ndpr_size, 0, 231 NDPR_ZONE_NAME); 232 if (ndpr_zone == NULL) { 233 panic("%s: failed allocating %s", __func__, NDPR_ZONE_NAME); 234 /* NOTREACHED */ 235 } 236 zone_change(ndpr_zone, Z_EXPAND, TRUE); 237 zone_change(ndpr_zone, Z_CALLERACCT, FALSE); 238 239 nddr_size = (nddr_debug == 0) ? sizeof (struct nd_defrouter) : 240 sizeof (struct nd_defrouter_dbg); 241 nddr_zone = zinit(nddr_size, NDDR_ZONE_MAX * nddr_size, 0, 242 NDDR_ZONE_NAME); 243 if (nddr_zone == NULL) { 244 panic("%s: failed allocating %s", __func__, NDDR_ZONE_NAME); 245 /* NOTREACHED */ 246 } 247 zone_change(nddr_zone, Z_EXPAND, TRUE); 248 zone_change(nddr_zone, Z_CALLERACCT, FALSE); 249 250 ndprtr_size = sizeof (struct nd_pfxrouter); 251 ndprtr_zone = zinit(ndprtr_size, NDPRTR_ZONE_MAX * ndprtr_size, 0, 252 NDPRTR_ZONE_NAME); 253 if (ndprtr_zone == NULL) { 254 panic("%s: failed allocating %s", __func__, NDPRTR_ZONE_NAME); 255 /* NOTREACHED */ 256 } 257 zone_change(ndprtr_zone, Z_EXPAND, TRUE); 258 zone_change(ndprtr_zone, Z_CALLERACCT, FALSE); 259} 260 261/* 262 * Receive Router Solicitation Message - just for routers. 263 * Router solicitation/advertisement is mostly managed by userland program 264 * (rtadvd) so here we have no function like nd6_ra_output(). 265 * 266 * Based on RFC 2461 267 */ 268void 269nd6_rs_input( 270 struct mbuf *m, 271 int off, 272 int icmp6len) 273{ 274 struct ifnet *ifp = m->m_pkthdr.rcvif; 275 struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *); 276 struct nd_router_solicit *nd_rs; 277 struct in6_addr saddr6 = ip6->ip6_src; 278 char *lladdr = NULL; 279 int lladdrlen = 0; 280 union nd_opts ndopts; 281 282 /* Expect 32-bit aligned data pointer on strict-align platforms */ 283 MBUF_STRICT_DATA_ALIGNMENT_CHECK_32(m); 284 285 /* If I'm not a router, ignore it. */ 286 if (!ip6_forwarding || !(ifp->if_eflags & IFEF_IPV6_ROUTER)) 287 goto freeit; 288 289 /* Sanity checks */ 290 if (ip6->ip6_hlim != 255) { 291 nd6log((LOG_ERR, 292 "nd6_rs_input: invalid hlim (%d) from %s to %s on %s\n", 293 ip6->ip6_hlim, ip6_sprintf(&ip6->ip6_src), 294 ip6_sprintf(&ip6->ip6_dst), if_name(ifp))); 295 goto bad; 296 } 297 298 /* 299 * Don't update the neighbor cache, if src = :: or a non-neighbor. 300 * The former case indicates that the src has no IP address assigned 301 * yet. See nd6_ns_input() for the latter case. 302 */ 303 if (IN6_IS_ADDR_UNSPECIFIED(&ip6->ip6_src)) { 304 goto freeit; 305 } else { 306 struct sockaddr_in6 src_sa6; 307 308 bzero(&src_sa6, sizeof (src_sa6)); 309 src_sa6.sin6_family = AF_INET6; 310 src_sa6.sin6_len = sizeof (src_sa6); 311 src_sa6.sin6_addr = ip6->ip6_src; 312 if (!nd6_is_addr_neighbor(&src_sa6, ifp, 0)) { 313 nd6log((LOG_INFO, "nd6_rs_input: " 314 "RS packet from non-neighbor\n")); 315 goto freeit; 316 } 317 } 318 319 IP6_EXTHDR_CHECK(m, off, icmp6len, return); 320 nd_rs = (struct nd_router_solicit *)((caddr_t)ip6 + off); 321 icmp6len -= sizeof (*nd_rs); 322 nd6_option_init(nd_rs + 1, icmp6len, &ndopts); 323 if (nd6_options(&ndopts) < 0) { 324 nd6log((LOG_INFO, 325 "nd6_rs_input: invalid ND option, ignored\n")); 326 /* nd6_options have incremented stats */ 327 goto freeit; 328 } 329 330 if (ndopts.nd_opts_src_lladdr) { 331 lladdr = (char *)(ndopts.nd_opts_src_lladdr + 1); 332 lladdrlen = ndopts.nd_opts_src_lladdr->nd_opt_len << 3; 333 } 334 335 if (lladdr && ((ifp->if_addrlen + 2 + 7) & ~7) != lladdrlen) { 336 nd6log((LOG_INFO, 337 "nd6_rs_input: lladdrlen mismatch for %s " 338 "(if %d, RS packet %d)\n", 339 ip6_sprintf(&saddr6), ifp->if_addrlen, lladdrlen - 2)); 340 goto bad; 341 } 342 343 nd6_cache_lladdr(ifp, &saddr6, lladdr, lladdrlen, ND_ROUTER_SOLICIT, 0); 344 345freeit: 346 m_freem(m); 347 return; 348 349bad: 350 icmp6stat.icp6s_badrs++; 351 m_freem(m); 352} 353 354/* 355 * Receive Router Advertisement Message. 356 * 357 * Based on RFC 2461 358 * TODO: on-link bit on prefix information 359 * TODO: ND_RA_FLAG_{OTHER,MANAGED} processing 360 */ 361void 362nd6_ra_input( 363 struct mbuf *m, 364 int off, 365 int icmp6len) 366{ 367 struct ifnet *ifp = m->m_pkthdr.rcvif; 368 struct nd_ifinfo *ndi = NULL; 369 struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *); 370 struct nd_router_advert *nd_ra; 371 struct in6_addr saddr6 = ip6->ip6_src; 372 int mcast = 0; 373 union nd_opts ndopts; 374 struct nd_defrouter *dr = NULL; 375 u_int32_t mtu = 0; 376 char *lladdr = NULL; 377 u_int32_t lladdrlen = 0; 378 struct nd_prefix_list *nd_prefix_list_head = NULL; 379 u_int32_t nd_prefix_list_length = 0; 380 struct in6_ifaddr *ia6 = NULL; 381 struct nd_prefix_list *prfl; 382 struct nd_defrouter dr0; 383 u_int32_t advreachable; 384 385 386 /* Expect 32-bit aligned data pointer on strict-align platforms */ 387 MBUF_STRICT_DATA_ALIGNMENT_CHECK_32(m); 388 389 /* 390 * Discard RA unless IFEF_ACCEPT_RTADV is set (as host), or when 391 * IFEF_IPV6_ROUTER is set (as router) but the RA is not locally 392 * generated. For convenience, we allow locally generated (rtadvd) 393 * RAs to be processed on the advertising interface, as a router. 394 * 395 * Note that we don't test against ip6_forwarding as we could be 396 * both a host and a router on different interfaces, hence the 397 * check against the per-interface flags. 398 */ 399 if (!(ifp->if_eflags & (IFEF_ACCEPT_RTADV | IFEF_IPV6_ROUTER)) || 400 ((ifp->if_eflags & IFEF_IPV6_ROUTER) && 401 (ia6 = ifa_foraddr6(&saddr6)) == NULL)) 402 goto freeit; 403 404 if (ia6 != NULL) { 405 IFA_REMREF(&ia6->ia_ifa); 406 ia6 = NULL; 407 } 408 409 if (ip6->ip6_hlim != 255) { 410 nd6log((LOG_ERR, 411 "nd6_ra_input: invalid hlim (%d) from %s to %s on %s\n", 412 ip6->ip6_hlim, ip6_sprintf(&ip6->ip6_src), 413 ip6_sprintf(&ip6->ip6_dst), if_name(ifp))); 414 goto bad; 415 } 416 417 if (!IN6_IS_ADDR_LINKLOCAL(&saddr6)) { 418 nd6log((LOG_ERR, 419 "nd6_ra_input: src %s is not link-local\n", 420 ip6_sprintf(&saddr6))); 421 goto bad; 422 } 423 424 IP6_EXTHDR_CHECK(m, off, icmp6len, return); 425 nd_ra = (struct nd_router_advert *)((caddr_t)ip6 + off); 426 427 icmp6len -= sizeof (*nd_ra); 428 nd6_option_init(nd_ra + 1, icmp6len, &ndopts); 429 if (nd6_options(&ndopts) < 0) { 430 nd6log((LOG_INFO, 431 "nd6_ra_input: invalid ND option, ignored\n")); 432 /* nd6_options have incremented stats */ 433 goto freeit; 434 } 435 436 advreachable = nd_ra->nd_ra_reachable; 437 438 /* remember if this is a multicasted advertisement */ 439 if (IN6_IS_ADDR_MULTICAST(&ip6->ip6_dst)) 440 mcast = 1; 441 442 lck_rw_lock_shared(nd_if_rwlock); 443 if (ifp->if_index >= nd_ifinfo_indexlim) { 444 lck_rw_done(nd_if_rwlock); 445 goto freeit; 446 } 447 ndi = &nd_ifinfo[ifp->if_index]; 448 VERIFY(ndi->initialized); 449 lck_mtx_lock(&ndi->lock); 450 bzero(&dr0, sizeof (dr0)); 451 dr0.rtaddr = saddr6; 452 dr0.flags = nd_ra->nd_ra_flags_reserved; 453 dr0.rtlifetime = ntohs(nd_ra->nd_ra_router_lifetime); 454 dr0.expire = net_uptime() + dr0.rtlifetime; 455 dr0.ifp = ifp; 456 /* unspecified or not? (RFC 2461 6.3.4) */ 457 if (advreachable) { 458 advreachable = ntohl(advreachable); 459 if (advreachable <= MAX_REACHABLE_TIME && 460 ndi->basereachable != advreachable) { 461 ndi->basereachable = advreachable; 462 ndi->reachable = ND_COMPUTE_RTIME(ndi->basereachable); 463 ndi->recalctm = nd6_recalc_reachtm_interval; /* reset */ 464 } 465 } 466 if (nd_ra->nd_ra_retransmit) 467 ndi->retrans = ntohl(nd_ra->nd_ra_retransmit); 468 if (nd_ra->nd_ra_curhoplimit) 469 ndi->chlim = nd_ra->nd_ra_curhoplimit; 470 lck_mtx_unlock(&ndi->lock); 471 lck_rw_done(nd_if_rwlock); 472 ndi = NULL; 473 lck_mtx_lock(nd6_mutex); 474 dr = defrtrlist_update(&dr0); 475 lck_mtx_unlock(nd6_mutex); 476 477 /* 478 * prefix 479 */ 480 if (ndopts.nd_opts_pi) { 481 struct nd_opt_hdr *pt; 482 struct nd_opt_prefix_info *pi = NULL; 483 struct nd_prefix pr; 484 485 for (pt = (struct nd_opt_hdr *)ndopts.nd_opts_pi; 486 pt <= (struct nd_opt_hdr *)ndopts.nd_opts_pi_end; 487 pt = (struct nd_opt_hdr *)((caddr_t)pt + 488 (pt->nd_opt_len << 3))) { 489 if (pt->nd_opt_type != ND_OPT_PREFIX_INFORMATION) 490 continue; 491 pi = (struct nd_opt_prefix_info *)pt; 492 493 if (pi->nd_opt_pi_len != 4) { 494 nd6log((LOG_INFO, 495 "nd6_ra_input: invalid option " 496 "len %d for prefix information option, " 497 "ignored\n", pi->nd_opt_pi_len)); 498 continue; 499 } 500 501 if (128 < pi->nd_opt_pi_prefix_len) { 502 nd6log((LOG_INFO, 503 "nd6_ra_input: invalid prefix " 504 "len %d for prefix information option, " 505 "ignored\n", pi->nd_opt_pi_prefix_len)); 506 continue; 507 } 508 509 if (IN6_IS_ADDR_MULTICAST(&pi->nd_opt_pi_prefix) || 510 IN6_IS_ADDR_LINKLOCAL(&pi->nd_opt_pi_prefix)) { 511 nd6log((LOG_INFO, 512 "%s: invalid prefix %s, ignored\n", 513 __func__, 514 ip6_sprintf(&pi->nd_opt_pi_prefix))); 515 continue; 516 } 517 518 bzero(&pr, sizeof (pr)); 519 lck_mtx_init(&pr.ndpr_lock, ifa_mtx_grp, ifa_mtx_attr); 520 NDPR_LOCK(&pr); 521 pr.ndpr_prefix.sin6_family = AF_INET6; 522 pr.ndpr_prefix.sin6_len = sizeof (pr.ndpr_prefix); 523 pr.ndpr_prefix.sin6_addr = pi->nd_opt_pi_prefix; 524 pr.ndpr_ifp = m->m_pkthdr.rcvif; 525 526 pr.ndpr_raf_onlink = (pi->nd_opt_pi_flags_reserved & 527 ND_OPT_PI_FLAG_ONLINK) ? 1 : 0; 528 pr.ndpr_raf_auto = (pi->nd_opt_pi_flags_reserved & 529 ND_OPT_PI_FLAG_AUTO) ? 1 : 0; 530 pr.ndpr_plen = pi->nd_opt_pi_prefix_len; 531 pr.ndpr_vltime = ntohl(pi->nd_opt_pi_valid_time); 532 pr.ndpr_pltime = 533 ntohl(pi->nd_opt_pi_preferred_time); 534 535 /* 536 * Exceptions to stateless autoconfiguration processing: 537 * + nd6_accept_6to4 == 0 && address has 6to4 prefix 538 * + ip6_only_allow_rfc4193_prefix != 0 && 539 * address not RFC 4193 540 */ 541 if (ip6_only_allow_rfc4193_prefix && 542 !IN6_IS_ADDR_UNIQUE_LOCAL(&pi->nd_opt_pi_prefix)) { 543 nd6log((LOG_INFO, 544 "nd6_ra_input: no SLAAC on prefix %s " 545 "[not RFC 4193]\n", 546 ip6_sprintf(&pi->nd_opt_pi_prefix))); 547 pr.ndpr_raf_auto = 0; 548 } else if (!nd6_accept_6to4 && 549 IN6_IS_ADDR_6TO4(&pi->nd_opt_pi_prefix)) { 550 nd6log((LOG_INFO, 551 "%s: no SLAAC on prefix %s " 552 "[6to4]\n", __func__, 553 ip6_sprintf(&pi->nd_opt_pi_prefix))); 554 pr.ndpr_raf_auto = 0; 555 } 556 557 if (in6_init_prefix_ltimes(&pr)) { 558 NDPR_UNLOCK(&pr); 559 lck_mtx_destroy(&pr.ndpr_lock, ifa_mtx_grp); 560 continue; /* prefix lifetime init failed */ 561 } else { 562 NDPR_UNLOCK(&pr); 563 } 564 (void) prelist_update(&pr, dr, m, mcast); 565 lck_mtx_destroy(&pr.ndpr_lock, ifa_mtx_grp); 566 567 /* 568 * We have to copy the values out after the 569 * prelist_update call since some of these values won't 570 * be properly set until after the router advertisement 571 * updating can vet the values. 572 */ 573 prfl = NULL; 574 MALLOC(prfl, struct nd_prefix_list *, sizeof (*prfl), 575 M_TEMP, M_WAITOK | M_ZERO); 576 577 if (prfl == NULL) { 578 log(LOG_DEBUG, "%s: unable to MALLOC RA prefix " 579 "structure\n", __func__); 580 continue; 581 } 582 583 /* this is only for nd6_post_msg(), otherwise unused */ 584 bcopy(&pr.ndpr_prefix, &prfl->pr.ndpr_prefix, 585 sizeof (prfl->pr.ndpr_prefix)); 586 prfl->pr.ndpr_raf = pr.ndpr_raf; 587 prfl->pr.ndpr_plen = pr.ndpr_plen; 588 prfl->pr.ndpr_vltime = pr.ndpr_vltime; 589 prfl->pr.ndpr_pltime = pr.ndpr_pltime; 590 prfl->pr.ndpr_expire = pr.ndpr_expire; 591 prfl->pr.ndpr_base_calendartime = 592 pr.ndpr_base_calendartime; 593 prfl->pr.ndpr_base_uptime = pr.ndpr_base_uptime; 594 prfl->pr.ndpr_stateflags = pr.ndpr_stateflags; 595 prfl->pr.ndpr_addrcnt = pr.ndpr_addrcnt; 596 prfl->pr.ndpr_ifp = pr.ndpr_ifp; 597 598 prfl->next = nd_prefix_list_head; 599 nd_prefix_list_head = prfl; 600 nd_prefix_list_length++; 601 } 602 } 603 604 /* 605 * MTU 606 */ 607 if (ndopts.nd_opts_mtu && ndopts.nd_opts_mtu->nd_opt_mtu_len == 1) { 608 mtu = ntohl(ndopts.nd_opts_mtu->nd_opt_mtu_mtu); 609 610 /* lower bound */ 611 if (mtu < IPV6_MMTU) { 612 nd6log((LOG_INFO, "nd6_ra_input: bogus mtu option " 613 "mtu=%d sent from %s, ignoring\n", 614 mtu, ip6_sprintf(&ip6->ip6_src))); 615 goto skip; 616 } 617 618 lck_rw_lock_shared(nd_if_rwlock); 619 if (ifp->if_index >= nd_ifinfo_indexlim) { 620 lck_rw_done(nd_if_rwlock); 621 goto freeit; 622 } 623 ndi = &nd_ifinfo[ifp->if_index]; 624 VERIFY(ndi->initialized); 625 lck_mtx_lock(&ndi->lock); 626 /* upper bound */ 627 if (ndi->maxmtu) { 628 if (mtu <= ndi->maxmtu) { 629 int change = (ndi->linkmtu != mtu); 630 631 ndi->linkmtu = mtu; 632 lck_mtx_unlock(&ndi->lock); 633 lck_rw_done(nd_if_rwlock); 634 if (change) /* in6_maxmtu may change */ 635 in6_setmaxmtu(); 636 } else { 637 nd6log((LOG_INFO, "nd6_ra_input: bogus mtu " 638 "mtu=%d sent from %s; " 639 "exceeds maxmtu %d, ignoring\n", 640 mtu, ip6_sprintf(&ip6->ip6_src), 641 ndi->maxmtu)); 642 lck_mtx_unlock(&ndi->lock); 643 lck_rw_done(nd_if_rwlock); 644 } 645 } else { 646 lck_mtx_unlock(&ndi->lock); 647 lck_rw_done(nd_if_rwlock); 648 nd6log((LOG_INFO, "nd6_ra_input: mtu option " 649 "mtu=%d sent from %s; maxmtu unknown, " 650 "ignoring\n", 651 mtu, ip6_sprintf(&ip6->ip6_src))); 652 } 653 ndi = NULL; 654 } 655 656skip: 657 658 /* 659 * Source link layer address 660 */ 661 if (ndopts.nd_opts_src_lladdr) { 662 lladdr = (char *)(ndopts.nd_opts_src_lladdr + 1); 663 lladdrlen = ndopts.nd_opts_src_lladdr->nd_opt_len << 3; 664 } 665 666 if (lladdr && ((ifp->if_addrlen + 2 + 7) & ~7) != lladdrlen) { 667 nd6log((LOG_INFO, 668 "nd6_ra_input: lladdrlen mismatch for %s " 669 "(if %d, RA packet %d)\n", 670 ip6_sprintf(&saddr6), ifp->if_addrlen, lladdrlen - 2)); 671 goto bad; 672 } 673 674 nd6_cache_lladdr(ifp, &saddr6, lladdr, (int)lladdrlen, 675 ND_ROUTER_ADVERT, 0); 676 677 /* Post message */ 678 nd6_post_msg(KEV_ND6_RA, nd_prefix_list_head, nd_prefix_list_length, 679 mtu, lladdr, lladdrlen); 680 681 /* 682 * Installing a link-layer address might change the state of the 683 * router's neighbor cache, which might also affect our on-link 684 * detection of adveritsed prefixes. 685 */ 686 lck_mtx_lock(nd6_mutex); 687 pfxlist_onlink_check(); 688 lck_mtx_unlock(nd6_mutex); 689 690freeit: 691 m_freem(m); 692 if (dr) 693 NDDR_REMREF(dr); 694 695 prfl = NULL; 696 while ((prfl = nd_prefix_list_head) != NULL) { 697 nd_prefix_list_head = prfl->next; 698 FREE(prfl, M_TEMP); 699 } 700 701 return; 702 703bad: 704 icmp6stat.icp6s_badra++; 705 goto freeit; 706} 707 708/* 709 * default router list proccessing sub routines 710 */ 711 712/* tell the change to user processes watching the routing socket. */ 713static void 714nd6_rtmsg(cmd, rt) 715 int cmd; 716 struct rtentry *rt; 717{ 718 struct rt_addrinfo info; 719 struct ifnet *ifp = rt->rt_ifp; 720 721 RT_LOCK_ASSERT_HELD(rt); 722 723 bzero((caddr_t)&info, sizeof (info)); 724 /* It's not necessary to lock ifp for if_lladdr */ 725 info.rti_info[RTAX_DST] = rt_key(rt); 726 info.rti_info[RTAX_GATEWAY] = rt->rt_gateway; 727 info.rti_info[RTAX_NETMASK] = rt_mask(rt); 728 /* 729 * ifa_addr pointers for both should always be valid 730 * in this context; no need to hold locks. 731 */ 732 info.rti_info[RTAX_IFP] = ifp->if_lladdr->ifa_addr; 733 info.rti_info[RTAX_IFA] = rt->rt_ifa->ifa_addr; 734 735 rt_missmsg(cmd, &info, rt->rt_flags, 0); 736} 737 738static void 739defrouter_addreq(struct nd_defrouter *new, boolean_t scoped) 740{ 741 struct sockaddr_in6 def, mask, gate; 742 struct rtentry *newrt = NULL; 743 unsigned int ifscope; 744 int err; 745 746 lck_mtx_assert(nd6_mutex, LCK_MTX_ASSERT_NOTOWNED); 747 NDDR_LOCK_ASSERT_NOTHELD(new); 748 /* 749 * We're free to lock and unlock NDDR because our callers 750 * are holding an extra reference for us. 751 */ 752 753 NDDR_LOCK(new); 754 if (new->stateflags & NDDRF_INSTALLED) 755 goto out; 756 757 if (new->ifp->if_eflags & IFEF_IPV6_ROUTER) { 758 nd6log2((LOG_INFO, "%s: ignoring router %s, scoped=%d, " 759 "static=%d on advertising interface\n", if_name(new->ifp), 760 ip6_sprintf(&new->rtaddr), scoped, 761 (new->stateflags & NDDRF_STATIC) ? 1 : 0)); 762 goto out; 763 } 764 765 nd6log2((LOG_INFO, "%s: adding default router %s, scoped=%d, " 766 "static=%d\n", if_name(new->ifp), ip6_sprintf(&new->rtaddr), 767 scoped, (new->stateflags & NDDRF_STATIC) ? 1 : 0)); 768 769 Bzero(&def, sizeof (def)); 770 Bzero(&mask, sizeof (mask)); 771 Bzero(&gate, sizeof (gate)); 772 773 def.sin6_len = mask.sin6_len = gate.sin6_len 774 = sizeof (struct sockaddr_in6); 775 def.sin6_family = mask.sin6_family = gate.sin6_family = AF_INET6; 776 gate.sin6_addr = new->rtaddr; 777 778 ifscope = scoped ? new->ifp->if_index : IFSCOPE_NONE; 779 NDDR_UNLOCK(new); 780 781 err = rtrequest_scoped(RTM_ADD, (struct sockaddr *)&def, 782 (struct sockaddr *)&gate, (struct sockaddr *)&mask, 783 RTF_GATEWAY, &newrt, ifscope); 784 785 if (newrt) { 786 RT_LOCK(newrt); 787 nd6_rtmsg(RTM_ADD, newrt); /* tell user process */ 788 RT_REMREF_LOCKED(newrt); 789 RT_UNLOCK(newrt); 790 NDDR_LOCK(new); 791 new->stateflags |= NDDRF_INSTALLED; 792 if (ifscope != IFSCOPE_NONE) 793 new->stateflags |= NDDRF_IFSCOPE; 794 new->genid = nd6_defrouter_genid; 795 } else { 796 nd6log((LOG_ERR, "%s: failed to add default router " 797 "%s on %s scoped %d (errno = %d)\n", __func__, 798 ip6_sprintf(&gate.sin6_addr), if_name(new->ifp), 799 (ifscope != IFSCOPE_NONE), err)); 800 NDDR_LOCK(new); 801 } 802 new->err = err; 803 804out: 805 NDDR_UNLOCK(new); 806} 807 808struct nd_defrouter * 809defrouter_lookup( 810 struct in6_addr *addr, 811 struct ifnet *ifp) 812{ 813 struct nd_defrouter *dr; 814 815 lck_mtx_assert(nd6_mutex, LCK_MTX_ASSERT_OWNED); 816 817 for (dr = TAILQ_FIRST(&nd_defrouter); dr; 818 dr = TAILQ_NEXT(dr, dr_entry)) { 819 NDDR_LOCK(dr); 820 if (dr->ifp == ifp && IN6_ARE_ADDR_EQUAL(addr, &dr->rtaddr)) { 821 NDDR_ADDREF_LOCKED(dr); 822 NDDR_UNLOCK(dr); 823 return (dr); 824 } 825 NDDR_UNLOCK(dr); 826 } 827 828 return (NULL); /* search failed */ 829} 830 831/* 832 * Remove the default route for a given router. 833 * This is just a subroutine function for defrouter_select(), and should 834 * not be called from anywhere else. 835 */ 836static void 837defrouter_delreq(struct nd_defrouter *dr) 838{ 839 struct sockaddr_in6 def, mask, gate; 840 struct rtentry *oldrt = NULL; 841 unsigned int ifscope; 842 int err; 843 844 lck_mtx_assert(nd6_mutex, LCK_MTX_ASSERT_NOTOWNED); 845 NDDR_LOCK_ASSERT_NOTHELD(dr); 846 /* 847 * We're free to lock and unlock NDDR because our callers 848 * are holding an extra reference for us. 849 */ 850 NDDR_LOCK(dr); 851 /* ifp would be NULL for the "drany" case */ 852 if (dr->ifp != NULL && !(dr->stateflags & NDDRF_INSTALLED)) 853 goto out; 854 855 nd6log2((LOG_INFO, "%s: removing default router %s, scoped=%d, " 856 "static=%d\n", dr->ifp != NULL ? if_name(dr->ifp) : "ANY", 857 ip6_sprintf(&dr->rtaddr), (dr->stateflags & NDDRF_IFSCOPE) ? 1 : 0, 858 (dr->stateflags & NDDRF_STATIC) ? 1 : 0)); 859 860 Bzero(&def, sizeof (def)); 861 Bzero(&mask, sizeof (mask)); 862 Bzero(&gate, sizeof (gate)); 863 864 def.sin6_len = mask.sin6_len = gate.sin6_len 865 = sizeof (struct sockaddr_in6); 866 def.sin6_family = mask.sin6_family = gate.sin6_family = AF_INET6; 867 gate.sin6_addr = dr->rtaddr; 868 869 if (dr->ifp != NULL) { 870 ifscope = (dr->stateflags & NDDRF_IFSCOPE) ? 871 dr->ifp->if_index : IFSCOPE_NONE; 872 } else { 873 ifscope = IFSCOPE_NONE; 874 } 875 NDDR_UNLOCK(dr); 876 err = rtrequest_scoped(RTM_DELETE, 877 (struct sockaddr *)&def, (struct sockaddr *)&gate, 878 (struct sockaddr *)&mask, RTF_GATEWAY, &oldrt, ifscope); 879 880 if (oldrt) { 881 RT_LOCK(oldrt); 882 nd6_rtmsg(RTM_DELETE, oldrt); 883 RT_UNLOCK(oldrt); 884 rtfree(oldrt); 885 } else if (err != ESRCH) { 886 nd6log((LOG_ERR, "%s: failed to delete default router " 887 "%s on %s scoped %d (errno = %d)\n", __func__, 888 ip6_sprintf(&gate.sin6_addr), dr->ifp != NULL ? 889 if_name(dr->ifp) : "ANY", (ifscope != IFSCOPE_NONE), err)); 890 } 891 NDDR_LOCK(dr); 892 /* ESRCH means it's no longer in the routing table; ignore it */ 893 if (oldrt != NULL || err == ESRCH) { 894 dr->stateflags &= ~NDDRF_INSTALLED; 895 if (ifscope != IFSCOPE_NONE) 896 dr->stateflags &= ~NDDRF_IFSCOPE; 897 } 898 dr->err = 0; 899out: 900 NDDR_UNLOCK(dr); 901} 902 903 904/* 905 * remove all default routes from default router list 906 */ 907void 908defrouter_reset(void) 909{ 910 struct nd_defrouter *dr, drany; 911 912 lck_mtx_assert(nd6_mutex, LCK_MTX_ASSERT_OWNED); 913 914 dr = TAILQ_FIRST(&nd_defrouter); 915 while (dr) { 916 NDDR_LOCK(dr); 917 if (dr->stateflags & NDDRF_INSTALLED) { 918 NDDR_ADDREF_LOCKED(dr); 919 NDDR_UNLOCK(dr); 920 lck_mtx_unlock(nd6_mutex); 921 defrouter_delreq(dr); 922 lck_mtx_lock(nd6_mutex); 923 NDDR_REMREF(dr); 924 dr = TAILQ_FIRST(&nd_defrouter); 925 } else { 926 NDDR_UNLOCK(dr); 927 dr = TAILQ_NEXT(dr, dr_entry); 928 } 929 } 930 931 /* Nuke primary (non-scoped) default router */ 932 if (ip6_doscopedroute) { 933 bzero(&drany, sizeof (drany)); 934 lck_mtx_init(&drany.nddr_lock, ifa_mtx_grp, ifa_mtx_attr); 935 lck_mtx_unlock(nd6_mutex); 936 defrouter_delreq(&drany); 937 lck_mtx_destroy(&drany.nddr_lock, ifa_mtx_grp); 938 lck_mtx_lock(nd6_mutex); 939 } 940 941} 942 943int 944defrtrlist_ioctl(u_long cmd, caddr_t data) 945{ 946 struct nd_defrouter dr0; 947 unsigned int ifindex; 948 struct ifnet *dr_ifp; 949 int error = 0, add = 0; 950 951 switch (cmd) { 952 case SIOCDRADD_IN6_32: /* struct in6_defrouter_32 */ 953 case SIOCDRADD_IN6_64: /* struct in6_defrouter_64 */ 954 ++add; 955 /* FALLTHRU */ 956 case SIOCDRDEL_IN6_32: /* struct in6_defrouter_32 */ 957 case SIOCDRDEL_IN6_64: /* struct in6_defrouter_64 */ 958 bzero(&dr0, sizeof (dr0)); 959 if (cmd == SIOCDRADD_IN6_64 || cmd == SIOCDRDEL_IN6_64) { 960 struct in6_defrouter_64 *r_64 = 961 (struct in6_defrouter_64 *)(void *)data; 962 u_int16_t i; 963 964 bcopy(&r_64->rtaddr.sin6_addr, &dr0.rtaddr, 965 sizeof (dr0.rtaddr)); 966 dr0.flags = r_64->flags; 967 bcopy(&r_64->if_index, &i, sizeof (i)); 968 ifindex = i; 969 } else { 970 struct in6_defrouter_32 *r_32 = 971 (struct in6_defrouter_32 *)(void *)data; 972 u_int16_t i; 973 974 bcopy(&r_32->rtaddr.sin6_addr, &dr0.rtaddr, 975 sizeof (dr0.rtaddr)); 976 dr0.flags = r_32->flags; 977 bcopy(&r_32->if_index, &i, sizeof (i)); 978 ifindex = i; 979 } 980 ifnet_head_lock_shared(); 981 /* Don't need to check is ifindex is < 0 since it's unsigned */ 982 if (if_index < ifindex || 983 (dr_ifp = ifindex2ifnet[ifindex]) == NULL) { 984 ifnet_head_done(); 985 error = EINVAL; 986 break; 987 } 988 dr0.ifp = dr_ifp; 989 ifnet_head_done(); 990 991 if (IN6_IS_SCOPE_EMBED(&dr0.rtaddr)) { 992 uint16_t *scope = &dr0.rtaddr.s6_addr16[1]; 993 994 if (*scope == 0) { 995 *scope = htons(dr_ifp->if_index); 996 } else if (*scope != htons(dr_ifp->if_index)) { 997 error = EINVAL; 998 break; 999 } 1000 } 1001 1002 if (add) 1003 error = defrtrlist_add_static(&dr0); 1004 if (!add || error != 0) { 1005 int err = defrtrlist_del_static(&dr0); 1006 if (!add) 1007 error = err; 1008 } 1009 break; 1010 1011 default: 1012 error = EOPNOTSUPP; /* check for safety */ 1013 break; 1014 } 1015 1016 return (error); 1017} 1018 1019void 1020defrtrlist_del(struct nd_defrouter *dr) 1021{ 1022 struct nd_defrouter *deldr = NULL; 1023 struct nd_prefix *pr; 1024 struct ifnet *ifp = dr->ifp; 1025 boolean_t resetmtu; 1026 1027 lck_mtx_assert(nd6_mutex, LCK_MTX_ASSERT_OWNED); 1028 1029 if (!ip6_doscopedroute && dr == TAILQ_FIRST(&nd_defrouter)) 1030 deldr = dr; /* The router is primary. */ 1031 1032 TAILQ_REMOVE(&nd_defrouter, dr, dr_entry); 1033 ++nd6_defrouter_genid; 1034 /* 1035 * Flush all the routing table entries that use the router 1036 * as a next hop. 1037 */ 1038 if (ip6_doscopedroute || !ip6_forwarding) { 1039 /* above is a good condition? */ 1040 NDDR_ADDREF(dr); 1041 lck_mtx_unlock(nd6_mutex); 1042 rt6_flush(&dr->rtaddr, ifp); 1043 lck_mtx_lock(nd6_mutex); 1044 NDDR_REMREF(dr); 1045 } 1046 nd6log2((LOG_INFO, "%s: freeing defrouter %s\n", if_name(dr->ifp), 1047 ip6_sprintf(&dr->rtaddr))); 1048 /* 1049 * Delete it from the routing table. 1050 */ 1051 NDDR_ADDREF(dr); 1052 lck_mtx_unlock(nd6_mutex); 1053 defrouter_delreq(dr); 1054 lck_mtx_lock(nd6_mutex); 1055 NDDR_REMREF(dr); 1056 1057 /* 1058 * Also delete all the pointers to the router in each prefix lists. 1059 */ 1060 for (pr = nd_prefix.lh_first; pr; pr = pr->ndpr_next) { 1061 struct nd_pfxrouter *pfxrtr; 1062 1063 NDPR_LOCK(pr); 1064 if ((pfxrtr = pfxrtr_lookup(pr, dr)) != NULL) 1065 pfxrtr_del(pfxrtr, pr); 1066 NDPR_UNLOCK(pr); 1067 } 1068 1069 pfxlist_onlink_check(); 1070 1071 /* 1072 * If the router is the primary one, choose a new one. If Scoped 1073 * Routing is enabled, always try to pick another eligible router 1074 * on this interface. 1075 */ 1076 if (deldr || ip6_doscopedroute) 1077 defrouter_select(ifp); 1078 1079 resetmtu = FALSE; 1080 lck_rw_lock_shared(nd_if_rwlock); 1081 if (ifp->if_index < nd_ifinfo_indexlim) { 1082 struct nd_ifinfo *ndi = &nd_ifinfo[ifp->if_index]; 1083 VERIFY(ndi->initialized); 1084 lck_mtx_lock(&ndi->lock); 1085 VERIFY(ndi->ndefrouters >= 0); 1086 if (ndi->ndefrouters > 0 && --ndi->ndefrouters == 0) { 1087 nd6_ifreset(ifp); 1088 resetmtu = TRUE; 1089 } 1090 lck_mtx_unlock(&ndi->lock); 1091 } 1092 lck_rw_done(nd_if_rwlock); 1093 1094 if (resetmtu) 1095 nd6_setmtu(ifp); 1096 1097 NDDR_REMREF(dr); /* remove list reference */ 1098} 1099 1100int 1101defrtrlist_add_static(struct nd_defrouter *new) 1102{ 1103 struct nd_defrouter *dr; 1104 int err = 0; 1105 1106 new->rtlifetime = -1; 1107 new->stateflags |= NDDRF_STATIC; 1108 1109 /* we only want the preference level */ 1110 new->flags &= ND_RA_FLAG_RTPREF_MASK; 1111 1112 lck_mtx_lock(nd6_mutex); 1113 dr = defrouter_lookup(&new->rtaddr, new->ifp); 1114 if (dr != NULL && !(dr->stateflags & NDDRF_STATIC)) { 1115 err = EINVAL; 1116 } else { 1117 if (dr != NULL) 1118 NDDR_REMREF(dr); 1119 dr = defrtrlist_update(new); 1120 if (dr != NULL) 1121 err = dr->err; 1122 else 1123 err = ENOMEM; 1124 } 1125 if (dr != NULL) 1126 NDDR_REMREF(dr); 1127 lck_mtx_unlock(nd6_mutex); 1128 1129 return (err); 1130} 1131 1132int 1133defrtrlist_del_static(struct nd_defrouter *new) 1134{ 1135 struct nd_defrouter *dr; 1136 1137 lck_mtx_lock(nd6_mutex); 1138 dr = defrouter_lookup(&new->rtaddr, new->ifp); 1139 if (dr == NULL || !(dr->stateflags & NDDRF_STATIC)) { 1140 if (dr != NULL) 1141 NDDR_REMREF(dr); 1142 dr = NULL; 1143 } else { 1144 defrtrlist_del(dr); 1145 NDDR_REMREF(dr); 1146 } 1147 lck_mtx_unlock(nd6_mutex); 1148 1149 return (dr != NULL ? 0 : EINVAL); 1150} 1151 1152/* 1153 * for default router selection 1154 * regards router-preference field as a 2-bit signed integer 1155 */ 1156static int 1157rtpref(struct nd_defrouter *dr) 1158{ 1159 switch (dr->flags & ND_RA_FLAG_RTPREF_MASK) { 1160 case ND_RA_FLAG_RTPREF_HIGH: 1161 return (RTPREF_HIGH); 1162 case ND_RA_FLAG_RTPREF_MEDIUM: 1163 case ND_RA_FLAG_RTPREF_RSV: 1164 return (RTPREF_MEDIUM); 1165 case ND_RA_FLAG_RTPREF_LOW: 1166 return (RTPREF_LOW); 1167 default: 1168 /* 1169 * This case should never happen. If it did, it would mean a 1170 * serious bug of kernel internal. We thus always bark here. 1171 * Or, can we even panic? 1172 */ 1173 log(LOG_ERR, "rtpref: impossible RA flag %x\n", dr->flags); 1174 return (RTPREF_INVALID); 1175 } 1176 /* NOTREACHED */ 1177} 1178 1179/* 1180 * Default Router Selection according to Section 6.3.6 of RFC 2461 and RFC 4191: 1181 * 1182 * 1) Routers that are reachable or probably reachable should be preferred. 1183 * If we have more than one (probably) reachable router, prefer ones 1184 * with the highest router preference. 1185 * 2) When no routers on the list are known to be reachable or 1186 * probably reachable, routers SHOULD be selected in a round-robin 1187 * fashion, regardless of router preference values. 1188 * 3) If the Default Router List is empty, assume that all 1189 * destinations are on-link. 1190 * 1191 * When Scoped Routing is enabled, the selection logic is amended as follows: 1192 * 1193 * a) When a default interface is specified, the primary/non-scoped default 1194 * router will be set to the reachable router on that link (if any) with 1195 * the highest router preference. 1196 * b) When there are more than one routers on the same link, the one with 1197 * the highest router preference will be installed, either as scoped or 1198 * non-scoped route entry. If they all share the same preference value, 1199 * the one installed will be the static or the first encountered reachable 1200 * router, i.e. static one wins over dynamic. 1201 * c) When no routers on the list are known to be reachable, or probably 1202 * reachable, no round-robin selection will take place when the default 1203 * interface is set. 1204 * 1205 * We assume nd_defrouter is sorted by router preference value. 1206 * Since the code below covers both with and without router preference cases, 1207 * we do not need to classify the cases by ifdef. 1208 */ 1209void 1210defrouter_select(struct ifnet *ifp) 1211{ 1212#pragma unused(ifp) 1213 struct nd_defrouter *dr, *selected_dr = NULL, *installed_dr = NULL; 1214 struct nd_defrouter *installed_dr0 = NULL; 1215 struct rtentry *rt = NULL; 1216 struct llinfo_nd6 *ln = NULL; 1217 int update = 0; 1218 boolean_t found_installedrt = FALSE; 1219 1220 lck_mtx_assert(nd6_mutex, LCK_MTX_ASSERT_OWNED); 1221 1222 /* 1223 * We no longer install (default) interface route; only prefix routes 1224 * are installed as interface routes. Therefore, there is no harm in 1225 * going through this routine even if a default interface is specified, 1226 * which happens when Scoped Routing is enabled. But for efficiency, 1227 * we fall back to the original KAME logic when Scoped Routing is 1228 * not in effect. 1229 */ 1230 if (ip6_forwarding && !ip6_doscopedroute) { 1231 nd6log((LOG_WARNING, 1232 "defrouter_select: called unexpectedly (forwarding=%d)\n", 1233 ip6_forwarding)); 1234 return; 1235 } 1236 1237 /* 1238 * Let's handle easy case (3) first: 1239 * If default router list is empty, there's nothing to be done. 1240 */ 1241 if (!TAILQ_FIRST(&nd_defrouter)) 1242 return; 1243 1244 /* 1245 * Due to the number of times we drop nd6_mutex, we need to 1246 * serialize this function. 1247 */ 1248 while (nd_defrouter_busy) { 1249 nd_defrouter_waiters++; 1250 msleep(nd_defrouter_waitchan, nd6_mutex, (PZERO-1), 1251 __func__, NULL); 1252 lck_mtx_assert(nd6_mutex, LCK_MTX_ASSERT_OWNED); 1253 } 1254 nd_defrouter_busy = TRUE; 1255 1256 /* 1257 * Search for a (probably) reachable router from the list. 1258 * We just pick up the first reachable one (if any), assuming that 1259 * the ordering rule of the list described in defrtrlist_update(). 1260 * 1261 * For all intents and purposes of Scoped Routing: 1262 * selected_dr = candidate for primary router 1263 * installed_dr = currently installed primary router 1264 */ 1265 for (dr = TAILQ_FIRST(&nd_defrouter); dr; 1266 dr = TAILQ_NEXT(dr, dr_entry)) { 1267 boolean_t reachable, advrouter; 1268 struct in6_addr rtaddr; 1269 struct ifnet *drifp; 1270 struct nd_defrouter *drrele; 1271 1272 drrele = NULL; 1273 reachable = FALSE; 1274 NDDR_LOCK(dr); 1275 rtaddr = *(&dr->rtaddr); 1276 drifp = dr->ifp; 1277 advrouter = (drifp != NULL && 1278 (drifp->if_eflags & IFEF_IPV6_ROUTER)); 1279 NDDR_ADDREF_LOCKED(dr); /* for this for loop */ 1280 NDDR_UNLOCK(dr); 1281 1282 lck_mtx_unlock(nd6_mutex); 1283 /* Callee returns a locked route upon success */ 1284 if ((rt = nd6_lookup(&rtaddr, 0, drifp, 0)) != NULL) { 1285 RT_LOCK_ASSERT_HELD(rt); 1286 if ((ln = rt->rt_llinfo) != NULL && 1287 ND6_IS_LLINFO_PROBREACH(ln)) { 1288 reachable = TRUE; 1289 if (selected_dr == NULL && 1290 (!ip6_doscopedroute || 1291 (drifp == nd6_defifp && !advrouter))) { 1292 selected_dr = dr; 1293 NDDR_ADDREF(selected_dr); 1294 } 1295 } 1296 RT_REMREF_LOCKED(rt); 1297 RT_UNLOCK(rt); 1298 rt = NULL; 1299 } 1300 lck_mtx_lock(nd6_mutex); 1301 1302 /* Handle case (b) */ 1303 NDDR_LOCK(dr); 1304 if (ip6_doscopedroute && drifp == nd6_defifp && !advrouter && 1305 (selected_dr == NULL || rtpref(dr) > rtpref(selected_dr) || 1306 (rtpref(dr) == rtpref(selected_dr) && 1307 (dr->stateflags & NDDRF_STATIC) && 1308 !(selected_dr->stateflags & NDDRF_STATIC)))) { 1309 if (selected_dr) { 1310 /* Release it later on */ 1311 VERIFY(drrele == NULL); 1312 drrele = selected_dr; 1313 } 1314 selected_dr = dr; 1315 NDDR_ADDREF_LOCKED(selected_dr); 1316 } 1317 1318 if (!(dr->stateflags & NDDRF_INSTALLED)) { 1319 /* 1320 * If the router hasn't been installed and it is 1321 * reachable, try to install it later on below. 1322 * If it's static, try to install it anyway. 1323 */ 1324 if (!advrouter && (reachable || 1325 (dr->stateflags & NDDRF_STATIC))) { 1326 dr->genid = -1; 1327 ++update; 1328 nd6log2((LOG_INFO, "%s: possible router %s, " 1329 "scoped=%d, static=%d\n", if_name(drifp), 1330 ip6_sprintf(&rtaddr), 1331 (dr->stateflags & NDDRF_IFSCOPE) ? 1 : 0, 1332 (dr->stateflags & NDDRF_STATIC) ? 1 : 0)); 1333 } 1334 NDDR_UNLOCK(dr); 1335 NDDR_REMREF(dr); /* for this for loop */ 1336 if (drrele != NULL) 1337 NDDR_REMREF(drrele); 1338 continue; 1339 } 1340 1341 /* Record the currently installed primary/non-scoped router */ 1342 if (!ip6_doscopedroute || !(dr->stateflags & NDDRF_IFSCOPE)) { 1343 if (installed_dr == NULL) { 1344 installed_dr = dr; 1345 NDDR_ADDREF_LOCKED(installed_dr); 1346 } else { 1347 /* this should not happen; warn for diagnosis */ 1348 log(LOG_ERR, "defrouter_select: more than one " 1349 "%s default router is installed\n", 1350 ip6_doscopedroute ? "non-scoped" : ""); 1351 } 1352 } 1353 NDDR_UNLOCK(dr); 1354 NDDR_REMREF(dr); /* for this for loop */ 1355 if (drrele != NULL) 1356 NDDR_REMREF(drrele); 1357 } 1358 1359 /* If none was selected, use the currently installed one */ 1360 if (ip6_doscopedroute && selected_dr == NULL && installed_dr != NULL) { 1361 selected_dr = installed_dr; 1362 NDDR_ADDREF(selected_dr); 1363 } 1364 1365 /* 1366 * Install the unreachable one(s) if necesssary. 1367 */ 1368 for (dr = TAILQ_FIRST(&nd_defrouter); dr; 1369 dr = TAILQ_NEXT(dr, dr_entry)) { 1370 struct nd_defrouter *_dr; 1371 1372 if (!ip6_doscopedroute) 1373 break; 1374 1375 NDDR_LOCK(dr); 1376 1377 /* If already (or will be) installed, skip */ 1378 if ((dr->stateflags & NDDRF_INSTALLED) || dr->genid == -1) { 1379 NDDR_UNLOCK(dr); 1380 continue; 1381 } 1382 1383 /* See if there is already a default router for the link */ 1384 for (_dr = TAILQ_FIRST(&nd_defrouter); _dr; 1385 _dr = TAILQ_NEXT(_dr, dr_entry)) { 1386 if (_dr != dr) 1387 NDDR_LOCK(_dr); 1388 if (_dr == dr || _dr->ifp != dr->ifp) { 1389 if (_dr != dr) 1390 NDDR_UNLOCK(_dr); 1391 continue; 1392 } 1393 1394 if ((_dr->stateflags & NDDRF_INSTALLED) || 1395 _dr->genid == -1) { 1396 if (_dr != dr) 1397 NDDR_UNLOCK(_dr); 1398 break; 1399 } 1400 if (_dr != dr) 1401 NDDR_UNLOCK(_dr); 1402 } 1403 1404 /* If none so far, schedule it to be installed below */ 1405 if (_dr == NULL && dr->ifp != NULL && 1406 !(dr->ifp->if_eflags & IFEF_IPV6_ROUTER)) { 1407 dr->genid = -1; 1408 ++update; 1409 nd6log2((LOG_INFO, "%s: possible router %s, " 1410 "static=%d (unreachable)\n", if_name(dr->ifp), 1411 ip6_sprintf(&dr->rtaddr), 1412 (dr->stateflags & NDDRF_STATIC) ? 1 : 0)); 1413 } 1414 NDDR_UNLOCK(dr); 1415 } 1416 1417 dr = selected_dr; 1418 if (dr != NULL) { 1419 nd6log2((LOG_INFO, "%s: considering primary default router %s, " 1420 "static=%d [round 1]\n", if_name(dr->ifp), 1421 ip6_sprintf(&dr->rtaddr), 1422 (dr->stateflags & NDDRF_STATIC) ? 1 : 0)); 1423 } 1424 1425 /* 1426 * If none of the default routers was found to be reachable, 1427 * round-robin the list regardless of preference, except when 1428 * Scoped Routing is enabled per case (c). 1429 * 1430 * Otherwise, if we have an installed router, check if the selected 1431 * (reachable) router should really be preferred to the installed one. 1432 * We only prefer the new router when the old one is not reachable 1433 * or when the new one has a really higher preference value. 1434 */ 1435 if (!ip6_doscopedroute && selected_dr == NULL) { 1436 if (installed_dr == NULL || 1437 !TAILQ_NEXT(installed_dr, dr_entry)) { 1438 selected_dr = TAILQ_FIRST(&nd_defrouter); 1439 if (selected_dr) 1440 NDDR_ADDREF(selected_dr); 1441 } else { 1442 selected_dr = TAILQ_NEXT(installed_dr, dr_entry); 1443 if (selected_dr) 1444 NDDR_ADDREF(selected_dr); 1445 } 1446 } else if (selected_dr != NULL && installed_dr != NULL) { 1447 lck_mtx_unlock(nd6_mutex); 1448 rt = nd6_lookup(&installed_dr->rtaddr, 0, installed_dr->ifp, 0); 1449 if (rt) { 1450 RT_LOCK_ASSERT_HELD(rt); 1451 if ((ln = (struct llinfo_nd6 *)rt->rt_llinfo) && 1452 ND6_IS_LLINFO_PROBREACH(ln) && 1453 (!ip6_doscopedroute || 1454 installed_dr->ifp == nd6_defifp) && 1455 rtpref(selected_dr) <= rtpref(installed_dr)) { 1456 NDDR_REMREF(selected_dr); 1457 selected_dr = installed_dr; 1458 NDDR_ADDREF(selected_dr); 1459 } 1460 RT_REMREF_LOCKED(rt); 1461 RT_UNLOCK(rt); 1462 rt = NULL; 1463 found_installedrt = TRUE; 1464 } 1465 lck_mtx_lock(nd6_mutex); 1466 } 1467 1468 if (ip6_doscopedroute) { 1469 /* 1470 * If the installed primary router is not on the current 1471 * IPv6 default interface, demote it to a scoped entry. 1472 */ 1473 if (installed_dr != NULL && installed_dr->ifp != nd6_defifp && 1474 !(installed_dr->stateflags & NDDRF_IFSCOPE)) { 1475 if (selected_dr != NULL && 1476 selected_dr->ifp != nd6_defifp) { 1477 NDDR_REMREF(selected_dr); 1478 selected_dr = NULL; 1479 } 1480 ++update; 1481 } 1482 1483 /* 1484 * If the selected router is currently scoped, make sure 1485 * we update (it needs to be promoted to primary.) 1486 */ 1487 if (selected_dr != NULL && 1488 (selected_dr->stateflags & NDDRF_IFSCOPE)) 1489 ++update; 1490 1491 /* 1492 * If the installed router is no longer reachable, remove 1493 * it and install the selected router instead. 1494 */ 1495 if (installed_dr != NULL 1496 && selected_dr != NULL 1497 && installed_dr != selected_dr 1498 && found_installedrt == FALSE 1499 && installed_dr->ifp == selected_dr->ifp) { 1500 /* skip it below */ 1501 installed_dr0 = installed_dr; 1502 /* NB: we previousled referenced installed_dr */ 1503 installed_dr = NULL; 1504 selected_dr->genid = -1; 1505 ++update; 1506 } 1507 } 1508 1509 /* 1510 * If Scoped Routing is enabled and there's nothing to update, 1511 * just return. Otherwise, if Scoped Routing is disabled and if 1512 * the selected router is different than the installed one, 1513 * remove the installed router and install the selected one. 1514 */ 1515 dr = selected_dr; 1516 VERIFY(dr != NULL || ip6_doscopedroute); 1517 if (!ip6_doscopedroute || !update) { 1518 if (dr == NULL) 1519 goto out; 1520 1521 if (dr != installed_dr) { 1522 nd6log2((LOG_INFO, "%s: no update, selected router %s, " 1523 "installed router %s\n", if_name(dr->ifp), 1524 ip6_sprintf(&dr->rtaddr), installed_dr != NULL ? 1525 ip6_sprintf(&installed_dr->rtaddr) : "NONE")); 1526 } else { 1527 nd6log2((LOG_INFO, "%s: no update, router is %s\n", 1528 if_name(dr->ifp), ip6_sprintf(&dr->rtaddr))); 1529 } 1530 if (!ip6_doscopedroute && installed_dr != dr) { 1531 /* 1532 * No need to ADDREF dr because at this point 1533 * dr points to selected_dr, which already holds 1534 * a reference. 1535 */ 1536 lck_mtx_unlock(nd6_mutex); 1537 if (installed_dr) { 1538 defrouter_delreq(installed_dr); 1539 } 1540 defrouter_addreq(dr, FALSE); 1541 lck_mtx_lock(nd6_mutex); 1542 } 1543 goto out; 1544 } 1545 1546 /* 1547 * Scoped Routing is enabled and we need to update. The selected 1548 * router needs to be installed as primary/non-scoped entry. If 1549 * there is any existing entry that is non-scoped, remove it from 1550 * the routing table and reinstall it as scoped entry. 1551 */ 1552 if (dr != NULL) { 1553 nd6log2((LOG_INFO, "%s: considering primary default router %s, " 1554 "static=%d [round 2]\n", if_name(dr->ifp), 1555 ip6_sprintf(&dr->rtaddr), 1556 (dr->stateflags & NDDRF_STATIC) ? 1 : 0)); 1557 } 1558 1559 /* 1560 * On the following while loops we use two flags: 1561 * dr->genid 1562 * NDDRF_PROCESSED 1563 * 1564 * genid is used to skip entries that are not to be added/removed on the 1565 * second while loop. 1566 * NDDRF_PROCESSED is used to skip entries that were already 1567 * processed. 1568 * This is necessary because we drop the nd6_mutex and start the while 1569 * loop again. 1570 */ 1571 TAILQ_FOREACH(dr, &nd_defrouter, dr_entry) { 1572 NDDR_LOCK(dr); 1573 VERIFY((dr->stateflags & NDDRF_PROCESSED) == 0); 1574 NDDR_UNLOCK(dr); 1575 } 1576 /* Remove conflicting entries */ 1577 dr = TAILQ_FIRST(&nd_defrouter); 1578 while (dr) { 1579 NDDR_LOCK(dr); 1580 if (!(dr->stateflags & NDDRF_INSTALLED) || 1581 dr->stateflags & NDDRF_PROCESSED) { 1582 NDDR_UNLOCK(dr); 1583 dr = TAILQ_NEXT(dr, dr_entry); 1584 continue; 1585 } 1586 dr->stateflags |= NDDRF_PROCESSED; 1587 1588 /* A NULL selected_dr will remove primary default route */ 1589 if ((dr == selected_dr && (dr->stateflags & NDDRF_IFSCOPE)) || 1590 (dr != selected_dr && !(dr->stateflags & NDDRF_IFSCOPE))) { 1591 NDDR_ADDREF_LOCKED(dr); 1592 NDDR_UNLOCK(dr); 1593 lck_mtx_unlock(nd6_mutex); 1594 defrouter_delreq(dr); 1595 lck_mtx_lock(nd6_mutex); 1596 NDDR_LOCK(dr); 1597 if (dr && dr != installed_dr0) 1598 dr->genid = -1; 1599 NDDR_UNLOCK(dr); 1600 NDDR_REMREF(dr); 1601 /* 1602 * Since we lost nd6_mutex, we have to start over. 1603 */ 1604 dr = TAILQ_FIRST(&nd_defrouter); 1605 continue; 1606 } 1607 NDDR_UNLOCK(dr); 1608 dr = TAILQ_NEXT(dr, dr_entry); 1609 } 1610 1611 /* -1 is a special number, make sure we don't use it for genid */ 1612 if (++nd6_defrouter_genid == -1) 1613 nd6_defrouter_genid = 1; 1614 1615 TAILQ_FOREACH(dr, &nd_defrouter, dr_entry) { 1616 NDDR_LOCK(dr); 1617 dr->stateflags &= ~NDDRF_PROCESSED; 1618 NDDR_UNLOCK(dr); 1619 } 1620 /* Add the entries back */ 1621 dr = TAILQ_FIRST(&nd_defrouter); 1622 while (dr) { 1623 struct nd_defrouter *_dr; 1624 1625 NDDR_LOCK(dr); 1626 if (dr->stateflags & NDDRF_PROCESSED || 1627 dr->genid != -1) { 1628 NDDR_UNLOCK(dr); 1629 dr = TAILQ_NEXT(dr, dr_entry); 1630 continue; 1631 } 1632 dr->stateflags |= NDDRF_PROCESSED; 1633 1634 /* Handle case (b) */ 1635 for (_dr = TAILQ_FIRST(&nd_defrouter); _dr; 1636 _dr = TAILQ_NEXT(_dr, dr_entry)) { 1637 if (_dr == dr) 1638 continue; 1639 /* 1640 * This is safe because we previously checked if 1641 * _dr == dr. 1642 */ 1643 NDDR_LOCK(_dr); 1644 if (_dr->ifp == dr->ifp && rtpref(_dr) >= rtpref(dr) && 1645 (_dr->stateflags & NDDRF_INSTALLED)) { 1646 NDDR_ADDREF_LOCKED(_dr); 1647 NDDR_UNLOCK(_dr); 1648 break; 1649 } 1650 NDDR_UNLOCK(_dr); 1651 } 1652 1653 /* If same preference and i/f, static entry takes precedence */ 1654 if (_dr != NULL && rtpref(_dr) == rtpref(dr) && 1655 !(_dr->stateflags & NDDRF_STATIC) && 1656 (dr->stateflags & NDDRF_STATIC)) { 1657 lck_mtx_unlock(nd6_mutex); 1658 defrouter_delreq(_dr); 1659 lck_mtx_lock(nd6_mutex); 1660 NDDR_REMREF(_dr); 1661 _dr = NULL; 1662 } 1663 1664 if (_dr == NULL && !(dr->stateflags & NDDRF_INSTALLED)) { 1665 NDDR_ADDREF_LOCKED(dr); 1666 NDDR_UNLOCK(dr); 1667 lck_mtx_unlock(nd6_mutex); 1668 defrouter_addreq(dr, (selected_dr == NULL || 1669 dr->ifp != selected_dr->ifp)); 1670 dr->genid = nd6_defrouter_genid; 1671 lck_mtx_lock(nd6_mutex); 1672 NDDR_REMREF(dr); 1673 /* 1674 * Since we lost nd6_mutex, we have to start over. 1675 */ 1676 dr = TAILQ_FIRST(&nd_defrouter); 1677 continue; 1678 } 1679 NDDR_UNLOCK(dr); 1680 dr = TAILQ_NEXT(dr, dr_entry); 1681 } 1682out: 1683 TAILQ_FOREACH(dr, &nd_defrouter, dr_entry) { 1684 NDDR_LOCK(dr); 1685 dr->stateflags &= ~NDDRF_PROCESSED; 1686 NDDR_UNLOCK(dr); 1687 } 1688 if (selected_dr) 1689 NDDR_REMREF(selected_dr); 1690 if (installed_dr) 1691 NDDR_REMREF(installed_dr); 1692 if (installed_dr0) 1693 NDDR_REMREF(installed_dr0); 1694 lck_mtx_assert(nd6_mutex, LCK_MTX_ASSERT_OWNED); 1695 VERIFY(nd_defrouter_busy); 1696 nd_defrouter_busy = FALSE; 1697 if (nd_defrouter_waiters > 0) { 1698 nd_defrouter_waiters = 0; 1699 wakeup(nd_defrouter_waitchan); 1700 } 1701} 1702 1703static struct nd_defrouter * 1704defrtrlist_update_common(struct nd_defrouter *new, boolean_t scoped) 1705{ 1706 struct nd_defrouter *dr, *n; 1707 struct ifnet *ifp = new->ifp; 1708 struct nd_ifinfo *ndi = NULL; 1709 struct timeval caltime; 1710 1711 lck_mtx_assert(nd6_mutex, LCK_MTX_ASSERT_OWNED); 1712 1713 if ((dr = defrouter_lookup(&new->rtaddr, ifp)) != NULL) { 1714 /* entry exists */ 1715 if (new->rtlifetime == 0) { 1716 defrtrlist_del(dr); 1717 NDDR_REMREF(dr); 1718 dr = NULL; 1719 } else { 1720 int oldpref = rtpref(dr); 1721 1722 /* override */ 1723 dr->flags = new->flags; /* xxx flag check */ 1724 dr->rtlifetime = new->rtlifetime; 1725 dr->expire = new->expire; 1726 1727 /* 1728 * If the preference does not change, there's no need 1729 * to sort the entries. If Scoped Routing is enabled, 1730 * put the primary/non-scoped router at the top of the 1731 * list of routers in the same preference band, unless 1732 * it's already at that position. 1733 */ 1734 if (ip6_doscopedroute) { 1735 struct nd_defrouter *p = NULL; 1736 1737 /* same preference and scoped; just return */ 1738 if (rtpref(new) == oldpref && scoped) 1739 return (dr); 1740 1741 n = TAILQ_FIRST(&nd_defrouter); 1742 while (n != NULL) { 1743 /* preference changed; sort it */ 1744 if (rtpref(new) != oldpref) 1745 break; 1746 1747 /* not at the top of band; sort it */ 1748 if (n != dr && rtpref(n) == oldpref && 1749 (!p || rtpref(p) > rtpref(n))) 1750 break; 1751 1752 p = n; 1753 n = TAILQ_NEXT(n, dr_entry); 1754 } 1755 1756 /* nothing has changed, just return */ 1757 if (n == NULL && (scoped || 1758 !(dr->stateflags & NDDRF_IFSCOPE))) 1759 return (dr); 1760 } else if (rtpref(new) == oldpref) { 1761 return (dr); 1762 } 1763 1764 /* 1765 * preferred router may be changed, so relocate 1766 * this router. 1767 * XXX: calling TAILQ_REMOVE directly is a bad manner. 1768 * However, since defrtrlist_del() has many side 1769 * effects, we intentionally do so here. 1770 * defrouter_select() below will handle routing 1771 * changes later. 1772 */ 1773 TAILQ_REMOVE(&nd_defrouter, dr, dr_entry); 1774 new->stateflags = dr->stateflags; 1775 new->stateflags &= ~NDDRF_PROCESSED; 1776 1777 n = dr; 1778 goto insert; 1779 } 1780 return (dr); 1781 } 1782 1783 VERIFY(dr == NULL); 1784 1785 /* entry does not exist */ 1786 if (new->rtlifetime == 0) { 1787 return (NULL); 1788 } 1789 1790 n = nddr_alloc(M_WAITOK); 1791 if (n == NULL) { 1792 return (NULL); 1793 } 1794 1795 lck_rw_lock_shared(nd_if_rwlock); 1796 if (ifp->if_index >= nd_ifinfo_indexlim) 1797 goto freeit; 1798 ndi = &nd_ifinfo[ifp->if_index]; 1799 VERIFY(ndi->initialized); 1800 lck_mtx_lock(&ndi->lock); 1801 if (ip6_maxifdefrouters >= 0 && 1802 ndi->ndefrouters >= ip6_maxifdefrouters) { 1803 lck_mtx_unlock(&ndi->lock); 1804freeit: 1805 lck_rw_done(nd_if_rwlock); 1806 nddr_free(n); 1807 return (NULL); 1808 } 1809 1810 NDDR_ADDREF(n); /* for the nd_defrouter list */ 1811 NDDR_ADDREF(n); /* for the caller */ 1812 1813 ++nd6_defrouter_genid; 1814 ndi->ndefrouters++; 1815 VERIFY(ndi->ndefrouters != 0); 1816 lck_mtx_unlock(&ndi->lock); 1817 lck_rw_done(nd_if_rwlock); 1818 1819 nd6log2((LOG_INFO, "%s: allocating defrouter %s\n", if_name(ifp), 1820 ip6_sprintf(&new->rtaddr))); 1821 1822 getmicrotime(&caltime); 1823 NDDR_LOCK(n); 1824 memcpy(&n->rtaddr, &new->rtaddr, sizeof (n->rtaddr)); 1825 n->flags = new->flags; 1826 n->stateflags = new->stateflags; 1827 n->stateflags &= ~NDDRF_PROCESSED; 1828 n->rtlifetime = new->rtlifetime; 1829 n->expire = new->expire; 1830 n->base_calendartime = caltime.tv_sec; 1831 n->base_uptime = net_uptime(); 1832 n->ifp = new->ifp; 1833 n->genid = new->genid; 1834 n->err = new->err; 1835 NDDR_UNLOCK(n); 1836insert: 1837 /* get nd6_service() to be scheduled as soon as it's convenient */ 1838 ++nd6_sched_timeout_want; 1839 1840 /* 1841 * Insert the new router in the Default Router List; 1842 * The Default Router List should be in the descending order 1843 * of router-preferece. When Scoped Routing is disabled, routers 1844 * with the same preference are sorted in the arriving time order; 1845 * otherwise, the first entry in the list of routers having the same 1846 * preference is the primary default router, when the interface used 1847 * by the entry is the default interface. 1848 */ 1849 1850 /* insert at the end of the group */ 1851 for (dr = TAILQ_FIRST(&nd_defrouter); dr; 1852 dr = TAILQ_NEXT(dr, dr_entry)) { 1853 if (rtpref(n) > rtpref(dr) || 1854 (ip6_doscopedroute && !scoped && rtpref(n) == rtpref(dr))) 1855 break; 1856 } 1857 if (dr) 1858 TAILQ_INSERT_BEFORE(dr, n, dr_entry); 1859 else 1860 TAILQ_INSERT_TAIL(&nd_defrouter, n, dr_entry); 1861 1862 defrouter_select(ifp); 1863 1864 return (n); 1865} 1866 1867static struct nd_defrouter * 1868defrtrlist_update(struct nd_defrouter *new) 1869{ 1870 struct nd_defrouter *dr; 1871 1872 lck_mtx_assert(nd6_mutex, LCK_MTX_ASSERT_OWNED); 1873 dr = defrtrlist_update_common(new, 1874 (nd6_defifp != NULL && new->ifp != nd6_defifp)); 1875 1876 return (dr); 1877} 1878 1879static void 1880defrtrlist_sync(struct ifnet *ifp) 1881{ 1882 struct nd_defrouter *dr, new; 1883 1884 lck_mtx_assert(nd6_mutex, LCK_MTX_ASSERT_OWNED); 1885 1886 if (!ip6_doscopedroute) { 1887 defrouter_select(ifp); 1888 return; 1889 } 1890 1891 for (dr = TAILQ_FIRST(&nd_defrouter); dr; 1892 dr = TAILQ_NEXT(dr, dr_entry)) { 1893 NDDR_LOCK(dr); 1894 if (dr->ifp == ifp && (dr->stateflags & NDDRF_INSTALLED)) 1895 break; 1896 NDDR_UNLOCK(dr); 1897 } 1898 1899 if (dr == NULL) { 1900 defrouter_select(ifp); 1901 } else { 1902 memcpy(&new.rtaddr, &dr->rtaddr, sizeof (new.rtaddr)); 1903 new.flags = dr->flags; 1904 new.stateflags = dr->stateflags; 1905 new.stateflags &= ~NDDRF_PROCESSED; 1906 new.rtlifetime = dr->rtlifetime; 1907 new.expire = dr->expire; 1908 new.ifp = dr->ifp; 1909 new.genid = dr->genid; 1910 new.err = dr->err; 1911 NDDR_UNLOCK(dr); 1912 dr = defrtrlist_update_common(&new, FALSE); 1913 if (dr) 1914 NDDR_REMREF(dr); 1915 } 1916} 1917 1918static struct nd_pfxrouter * 1919pfxrtr_lookup(struct nd_prefix *pr, struct nd_defrouter *dr) 1920{ 1921 struct nd_pfxrouter *search; 1922 1923 lck_mtx_assert(nd6_mutex, LCK_MTX_ASSERT_OWNED); 1924 NDPR_LOCK_ASSERT_HELD(pr); 1925 1926 for (search = pr->ndpr_advrtrs.lh_first; search; 1927 search = search->pfr_next) { 1928 if (search->router == dr) 1929 break; 1930 } 1931 1932 return (search); 1933} 1934 1935static void 1936pfxrtr_add(struct nd_prefix *pr, struct nd_defrouter *dr) 1937{ 1938 struct nd_pfxrouter *new; 1939 1940 lck_mtx_assert(nd6_mutex, LCK_MTX_ASSERT_OWNED); 1941 NDPR_LOCK_ASSERT_NOTHELD(pr); 1942 1943 new = zalloc(ndprtr_zone); 1944 if (new == NULL) 1945 return; 1946 bzero(new, sizeof (*new)); 1947 new->router = dr; 1948 1949 NDPR_LOCK(pr); 1950 LIST_INSERT_HEAD(&pr->ndpr_advrtrs, new, pfr_entry); 1951 pr->ndpr_genid++; 1952 NDPR_UNLOCK(pr); 1953 1954 pfxlist_onlink_check(); 1955} 1956 1957static void 1958pfxrtr_del(struct nd_pfxrouter *pfr, struct nd_prefix *pr) 1959{ 1960 lck_mtx_assert(nd6_mutex, LCK_MTX_ASSERT_OWNED); 1961 NDPR_LOCK_ASSERT_HELD(pr); 1962 pr->ndpr_genid++; 1963 LIST_REMOVE(pfr, pfr_entry); 1964 zfree(ndprtr_zone, pfr); 1965} 1966 1967struct nd_prefix * 1968nd6_prefix_lookup(struct nd_prefix *pr) 1969{ 1970 struct nd_prefix *search; 1971 1972 lck_mtx_lock(nd6_mutex); 1973 for (search = nd_prefix.lh_first; search; search = search->ndpr_next) { 1974 NDPR_LOCK(search); 1975 if (pr->ndpr_ifp == search->ndpr_ifp && 1976 pr->ndpr_plen == search->ndpr_plen && 1977 in6_are_prefix_equal(&pr->ndpr_prefix.sin6_addr, 1978 &search->ndpr_prefix.sin6_addr, pr->ndpr_plen)) { 1979 NDPR_ADDREF_LOCKED(search); 1980 NDPR_UNLOCK(search); 1981 break; 1982 } 1983 NDPR_UNLOCK(search); 1984 } 1985 lck_mtx_unlock(nd6_mutex); 1986 1987 return (search); 1988} 1989 1990static void 1991purge_detached(struct ifnet *ifp) 1992{ 1993 struct nd_prefix *pr, *pr_next; 1994 struct in6_ifaddr *ia; 1995 struct ifaddr *ifa, *ifa_next; 1996 boolean_t removed = FALSE; 1997 1998 lck_mtx_lock(nd6_mutex); 1999 2000 pr = nd_prefix.lh_first; 2001repeat: 2002 while (pr) { 2003 NDPR_LOCK(pr); 2004 pr_next = pr->ndpr_next; 2005 if (pr->ndpr_ifp != ifp || 2006 IN6_IS_ADDR_LINKLOCAL(&pr->ndpr_prefix.sin6_addr) || 2007 ((pr->ndpr_stateflags & NDPRF_DETACHED) == 0 && 2008 !LIST_EMPTY(&pr->ndpr_advrtrs))) { 2009 NDPR_UNLOCK(pr); 2010 pr = pr_next; 2011 continue; 2012 } 2013 NDPR_ADDREF_LOCKED(pr); 2014 NDPR_UNLOCK(pr); 2015 ifnet_lock_shared(ifp); 2016 for (ifa = ifp->if_addrlist.tqh_first; ifa; ifa = ifa_next) { 2017 IFA_LOCK(ifa); 2018 ifa_next = ifa->ifa_list.tqe_next; 2019 if (ifa->ifa_addr->sa_family != AF_INET6) { 2020 IFA_UNLOCK(ifa); 2021 continue; 2022 } 2023 ia = (struct in6_ifaddr *)ifa; 2024 if ((ia->ia6_flags & IN6_IFF_AUTOCONF) == 2025 IN6_IFF_AUTOCONF && ia->ia6_ndpr == pr) { 2026 IFA_ADDREF_LOCKED(ifa); /* for us */ 2027 IFA_UNLOCK(ifa); 2028 /* 2029 * Purging the address requires writer access 2030 * to the address list, so drop the ifnet lock 2031 * now and repeat from beginning. 2032 */ 2033 ifnet_lock_done(ifp); 2034 lck_mtx_unlock(nd6_mutex); 2035 in6_purgeaddr(ifa); 2036 IFA_REMREF(ifa); /* drop ours */ 2037 lck_mtx_lock(nd6_mutex); 2038 NDPR_REMREF(pr); 2039 pr = nd_prefix.lh_first; 2040 goto repeat; 2041 } 2042 IFA_UNLOCK(ifa); 2043 } 2044 ifnet_lock_done(ifp); 2045 NDPR_LOCK(pr); 2046 if (pr->ndpr_addrcnt == 0 && 2047 !(pr->ndpr_stateflags & NDPRF_DEFUNCT)) { 2048 prelist_remove(pr); 2049 NDPR_UNLOCK(pr); 2050 removed = TRUE; 2051 /* 2052 * Reset the search from the beginning because 2053 * nd6_mutex may have been dropped in 2054 * prelist_remove(). 2055 */ 2056 pr_next = nd_prefix.lh_first; 2057 } else { 2058 NDPR_UNLOCK(pr); 2059 } 2060 NDPR_REMREF(pr); 2061 pr = pr_next; 2062 } 2063 if (removed) 2064 pfxlist_onlink_check(); 2065 lck_mtx_unlock(nd6_mutex); 2066} 2067 2068int 2069nd6_prelist_add(struct nd_prefix *pr, struct nd_defrouter *dr, 2070 struct nd_prefix **newp, boolean_t force_scoped) 2071{ 2072 struct nd_prefix *new = NULL; 2073 struct ifnet *ifp = pr->ndpr_ifp; 2074 struct nd_ifinfo *ndi = NULL; 2075 int i, error; 2076 2077 if (ip6_maxifprefixes >= 0) { 2078 lck_rw_lock_shared(nd_if_rwlock); 2079 if (ifp->if_index >= nd_ifinfo_indexlim) { 2080 lck_rw_done(nd_if_rwlock); 2081 return (EINVAL); 2082 } 2083 ndi = &nd_ifinfo[ifp->if_index]; 2084 VERIFY(ndi->initialized); 2085 lck_mtx_lock(&ndi->lock); 2086 if (ndi->nprefixes >= ip6_maxifprefixes / 2) { 2087 lck_mtx_unlock(&ndi->lock); 2088 lck_rw_done(nd_if_rwlock); 2089 purge_detached(ifp); 2090 lck_rw_lock_shared(nd_if_rwlock); 2091 /* 2092 * Refresh pointer since nd_ifinfo[] may have grown; 2093 * repeating the bounds check against nd_ifinfo_indexlim 2094 * isn't necessary since the array never shrinks. 2095 */ 2096 ndi = &nd_ifinfo[ifp->if_index]; 2097 lck_mtx_lock(&ndi->lock); 2098 } 2099 if (ndi->nprefixes >= ip6_maxifprefixes) { 2100 lck_mtx_unlock(&ndi->lock); 2101 lck_rw_done(nd_if_rwlock); 2102 return (ENOMEM); 2103 } 2104 lck_mtx_unlock(&ndi->lock); 2105 lck_rw_done(nd_if_rwlock); 2106 } 2107 2108 new = ndpr_alloc(M_WAITOK); 2109 if (new == NULL) 2110 return (ENOMEM); 2111 2112 NDPR_LOCK(new); 2113 NDPR_LOCK(pr); 2114 new->ndpr_ifp = pr->ndpr_ifp; 2115 new->ndpr_prefix = pr->ndpr_prefix; 2116 new->ndpr_plen = pr->ndpr_plen; 2117 new->ndpr_vltime = pr->ndpr_vltime; 2118 new->ndpr_pltime = pr->ndpr_pltime; 2119 new->ndpr_flags = pr->ndpr_flags; 2120 if (pr->ndpr_stateflags & NDPRF_STATIC) 2121 new->ndpr_stateflags |= NDPRF_STATIC; 2122 NDPR_UNLOCK(pr); 2123 if ((error = in6_init_prefix_ltimes(new)) != 0) { 2124 NDPR_UNLOCK(new); 2125 ndpr_free(new); 2126 return (error); 2127 } 2128 new->ndpr_lastupdate = net_uptime(); 2129 if (newp != NULL) { 2130 *newp = new; 2131 NDPR_ADDREF_LOCKED(new); /* for caller */ 2132 } 2133 /* initialization */ 2134 LIST_INIT(&new->ndpr_advrtrs); 2135 in6_prefixlen2mask(&new->ndpr_mask, new->ndpr_plen); 2136 /* make prefix in the canonical form */ 2137 for (i = 0; i < 4; i++) 2138 new->ndpr_prefix.sin6_addr.s6_addr32[i] &= 2139 new->ndpr_mask.s6_addr32[i]; 2140 2141 NDPR_UNLOCK(new); 2142 2143 /* get nd6_service() to be scheduled as soon as it's convenient */ 2144 ++nd6_sched_timeout_want; 2145 2146 lck_mtx_lock(nd6_mutex); 2147 /* link ndpr_entry to nd_prefix list */ 2148 LIST_INSERT_HEAD(&nd_prefix, new, ndpr_entry); 2149 new->ndpr_debug |= IFD_ATTACHED; 2150 NDPR_ADDREF(new); /* for nd_prefix list */ 2151 2152 /* ND_OPT_PI_FLAG_ONLINK processing */ 2153 if (new->ndpr_raf_onlink) { 2154 int e; 2155 2156 if ((e = nd6_prefix_onlink_common(new, force_scoped, 2157 new->ndpr_ifp->if_index)) != 0) { 2158 nd6log((LOG_ERR, "nd6_prelist_add: failed to make " 2159 "the prefix %s/%d on-link %s on %s (errno=%d)\n", 2160 ip6_sprintf(&new->ndpr_prefix.sin6_addr), 2161 new->ndpr_plen, force_scoped ? "scoped" : 2162 "non-scoped", if_name(ifp), e)); 2163 /* proceed anyway. XXX: is it correct? */ 2164 } 2165 } 2166 2167 if (dr) { 2168 pfxrtr_add(new, dr); 2169 } 2170 2171 lck_rw_lock_shared(nd_if_rwlock); 2172 /* 2173 * Refresh pointer since nd_ifinfo[] may have grown; 2174 * repeating the bounds check against nd_ifinfo_indexlim 2175 * isn't necessary since the array never shrinks. 2176 */ 2177 ndi = &nd_ifinfo[ifp->if_index]; 2178 VERIFY(ndi->initialized); 2179 lck_mtx_lock(&ndi->lock); 2180 ndi->nprefixes++; 2181 VERIFY(ndi->nprefixes != 0); 2182 lck_mtx_unlock(&ndi->lock); 2183 lck_rw_done(nd_if_rwlock); 2184 2185 lck_mtx_unlock(nd6_mutex); 2186 2187 return (0); 2188} 2189 2190/* 2191 * Caller must have held an extra reference on nd_prefix. 2192 */ 2193void 2194prelist_remove(struct nd_prefix *pr) 2195{ 2196 struct nd_pfxrouter *pfr, *next; 2197 struct ifnet *ifp = pr->ndpr_ifp; 2198 int e; 2199 2200 lck_mtx_assert(nd6_mutex, LCK_MTX_ASSERT_OWNED); 2201 NDPR_LOCK_ASSERT_HELD(pr); 2202 2203 if (pr->ndpr_stateflags & NDPRF_DEFUNCT) 2204 return; 2205 2206 /* 2207 * If there are no more addresses, defunct the prefix. This is needed 2208 * because we don't want multiple threads calling prelist_remove() for 2209 * the same prefix and this might happen because we unlock nd6_mutex 2210 * down below. 2211 */ 2212 if (pr->ndpr_addrcnt == 0) 2213 pr->ndpr_stateflags |= NDPRF_DEFUNCT; 2214 2215 /* make sure to invalidate the prefix until it is really freed. */ 2216 pr->ndpr_vltime = 0; 2217 pr->ndpr_pltime = 0; 2218 2219 /* 2220 * Though these flags are now meaningless, we'd rather keep the value 2221 * of pr->ndpr_raf_onlink and pr->ndpr_raf_auto not to confuse users 2222 * when executing "ndp -p". 2223 */ 2224 if (pr->ndpr_stateflags & NDPRF_ONLINK) { 2225 NDPR_ADDREF_LOCKED(pr); 2226 NDPR_UNLOCK(pr); 2227 lck_mtx_unlock(nd6_mutex); 2228 if ((e = nd6_prefix_offlink(pr)) != 0) { 2229 nd6log((LOG_ERR, "prelist_remove: failed to make " 2230 "%s/%d offlink on %s, errno=%d\n", 2231 ip6_sprintf(&pr->ndpr_prefix.sin6_addr), 2232 pr->ndpr_plen, if_name(ifp), e)); 2233 /* what should we do? */ 2234 } 2235 lck_mtx_lock(nd6_mutex); 2236 NDPR_LOCK(pr); 2237 if (NDPR_REMREF_LOCKED(pr) == NULL) 2238 return; 2239 } 2240 2241 if (pr->ndpr_addrcnt > 0) { 2242 /* 2243 * The state might have changed if we called 2244 * nd6_prefix_offlink(). 2245 */ 2246 pr->ndpr_stateflags &= ~NDPRF_DEFUNCT; 2247 return; /* notice here? */ 2248 } 2249 2250 /* unlink ndpr_entry from nd_prefix list */ 2251 LIST_REMOVE(pr, ndpr_entry); 2252 pr->ndpr_debug &= ~IFD_ATTACHED; 2253 2254 /* free list of routers that adversed the prefix */ 2255 for (pfr = pr->ndpr_advrtrs.lh_first; pfr; pfr = next) { 2256 next = pfr->pfr_next; 2257 pfxrtr_del(pfr, pr); 2258 } 2259 2260 lck_rw_lock_shared(nd_if_rwlock); 2261 if (ifp->if_index < nd_ifinfo_indexlim) { 2262 struct nd_ifinfo *ndi = &nd_ifinfo[ifp->if_index]; 2263 VERIFY(ndi->initialized); 2264 lck_mtx_lock(&ndi->lock); 2265 VERIFY(ndi->nprefixes > 0); 2266 ndi->nprefixes--; 2267 lck_mtx_unlock(&ndi->lock); 2268 } 2269 lck_rw_done(nd_if_rwlock); 2270 2271 /* This must not be the last reference to the nd_prefix */ 2272 if (NDPR_REMREF_LOCKED(pr) == NULL) { 2273 panic("%s: unexpected (missing) refcnt ndpr=%p", __func__, pr); 2274 /* NOTREACHED */ 2275 } 2276 2277 /* 2278 * Don't call pfxlist_onlink_check() here because we are 2279 * holding the NDPR lock and this could cause a deadlock when 2280 * there are multiple threads executing pfxlist_onlink_check(). 2281 */ 2282} 2283 2284int 2285prelist_update( 2286 struct nd_prefix *new, 2287 struct nd_defrouter *dr, /* may be NULL */ 2288 struct mbuf *m, 2289 int mcast) 2290{ 2291 struct in6_ifaddr *ia6 = NULL, *ia6_match = NULL; 2292 struct ifaddr *ifa; 2293 struct ifnet *ifp = new->ndpr_ifp; 2294 struct nd_prefix *pr; 2295 int error = 0; 2296 int newprefix = 0; 2297 int auth; 2298 struct in6_addrlifetime lt6_tmp; 2299 uint64_t timenow = net_uptime(); 2300 2301 /* no need to lock "new" here, as it is local to the caller */ 2302 NDPR_LOCK_ASSERT_NOTHELD(new); 2303 2304 auth = 0; 2305 if (m) { 2306 /* 2307 * Authenticity for NA consists authentication for 2308 * both IP header and IP datagrams, doesn't it ? 2309 */ 2310#if defined(M_AUTHIPHDR) && defined(M_AUTHIPDGM) 2311 auth = (m->m_flags & M_AUTHIPHDR) && (m->m_flags & M_AUTHIPDGM); 2312#endif 2313 } 2314 2315 if ((pr = nd6_prefix_lookup(new)) != NULL) { 2316 /* 2317 * nd6_prefix_lookup() ensures that pr and new have the same 2318 * prefix on a same interface. 2319 */ 2320 2321 /* 2322 * Update prefix information. Note that the on-link (L) bit 2323 * and the autonomous (A) bit should NOT be changed from 1 2324 * to 0. 2325 */ 2326 lck_mtx_lock(nd6_mutex); 2327 NDPR_LOCK(pr); 2328 if (new->ndpr_raf_onlink == 1) 2329 pr->ndpr_raf_onlink = 1; 2330 if (new->ndpr_raf_auto == 1) 2331 pr->ndpr_raf_auto = 1; 2332 if (new->ndpr_raf_onlink) { 2333 pr->ndpr_vltime = new->ndpr_vltime; 2334 pr->ndpr_pltime = new->ndpr_pltime; 2335 (void) in6_init_prefix_ltimes(pr); /* XXX error case? */ 2336 pr->ndpr_lastupdate = net_uptime(); 2337 } 2338 2339 NDPR_ADDREF_LOCKED(pr); 2340 if (new->ndpr_raf_onlink && 2341 (pr->ndpr_stateflags & NDPRF_ONLINK) == 0) { 2342 int e; 2343 2344 NDPR_UNLOCK(pr); 2345 if ((e = nd6_prefix_onlink(pr)) != 0) { 2346 nd6log((LOG_ERR, 2347 "prelist_update: failed to make " 2348 "the prefix %s/%d on-link on %s " 2349 "(errno=%d)\n", 2350 ip6_sprintf(&pr->ndpr_prefix.sin6_addr), 2351 pr->ndpr_plen, if_name(pr->ndpr_ifp), e)); 2352 /* proceed anyway. XXX: is it correct? */ 2353 } 2354 NDPR_LOCK(pr); 2355 } 2356 2357 if (dr && pfxrtr_lookup(pr, dr) == NULL) { 2358 NDPR_UNLOCK(pr); 2359 pfxrtr_add(pr, dr); 2360 } else { 2361 NDPR_UNLOCK(pr); 2362 } 2363 NDPR_REMREF(pr); 2364 lck_mtx_unlock(nd6_mutex); 2365 } else { 2366 struct nd_prefix *newpr = NULL; 2367 2368 newprefix = 1; 2369 2370 if (new->ndpr_vltime == 0) 2371 goto end; 2372 if (new->ndpr_raf_onlink == 0 && new->ndpr_raf_auto == 0) 2373 goto end; 2374 2375 bzero(&new->ndpr_addr, sizeof (struct in6_addr)); 2376 2377 error = nd6_prelist_add(new, dr, &newpr, FALSE); 2378 if (error != 0 || newpr == NULL) { 2379 nd6log((LOG_NOTICE, "prelist_update: " 2380 "nd6_prelist_add failed for %s/%d on %s " 2381 "errno=%d, returnpr=0x%llx\n", 2382 ip6_sprintf(&new->ndpr_prefix.sin6_addr), 2383 new->ndpr_plen, if_name(new->ndpr_ifp), 2384 error, (uint64_t)VM_KERNEL_ADDRPERM(newpr))); 2385 goto end; /* we should just give up in this case. */ 2386 } 2387 2388 /* 2389 * XXX: from the ND point of view, we can ignore a prefix 2390 * with the on-link bit being zero. However, we need a 2391 * prefix structure for references from autoconfigured 2392 * addresses. Thus, we explicitly make sure that the prefix 2393 * itself expires now. 2394 */ 2395 NDPR_LOCK(newpr); 2396 if (newpr->ndpr_raf_onlink == 0) { 2397 newpr->ndpr_vltime = 0; 2398 newpr->ndpr_pltime = 0; 2399 in6_init_prefix_ltimes(newpr); 2400 } 2401 2402 pr = newpr; 2403 NDPR_UNLOCK(newpr); 2404 } 2405 2406 /* 2407 * Address autoconfiguration based on Section 5.5.3 of RFC 4862. 2408 * Note that pr must be non NULL at this point. 2409 */ 2410 2411 /* 5.5.3 (a). Ignore the prefix without the A bit set. */ 2412 if (!new->ndpr_raf_auto) 2413 goto afteraddrconf; 2414 2415 /* 2416 * 5.5.3 (b). the link-local prefix should have been ignored in 2417 * nd6_ra_input. 2418 */ 2419 2420 /* 5.5.3 (c). Consistency check on lifetimes: pltime <= vltime. */ 2421 if (new->ndpr_pltime > new->ndpr_vltime) { 2422 error = EINVAL; /* XXX: won't be used */ 2423 goto end; 2424 } 2425 2426 /* 2427 * 5.5.3 (d). If the prefix advertised is not equal to the prefix of 2428 * an address configured by stateless autoconfiguration already in the 2429 * list of addresses associated with the interface, and the Valid 2430 * Lifetime is not 0, form an address. We first check if we have 2431 * a matching prefix. 2432 */ 2433 ifnet_lock_shared(ifp); 2434 TAILQ_FOREACH(ifa, &ifp->if_addrlist, ifa_list) { 2435 struct in6_ifaddr *ifa6; 2436 u_int32_t remaininglifetime; 2437 2438 IFA_LOCK(ifa); 2439 if (ifa->ifa_addr->sa_family != AF_INET6) { 2440 IFA_UNLOCK(ifa); 2441 continue; 2442 } 2443 ifa6 = (struct in6_ifaddr *)ifa; 2444 2445 /* 2446 * We only consider autoconfigured addresses as per RFC 4862. 2447 */ 2448 if (!(ifa6->ia6_flags & IN6_IFF_AUTOCONF)) { 2449 IFA_UNLOCK(ifa); 2450 continue; 2451 } 2452 /* 2453 * Spec is not clear here, but I believe we should concentrate 2454 * on unicast (i.e. not anycast) addresses. 2455 * XXX: other ia6_flags? detached or duplicated? 2456 */ 2457 if ((ifa6->ia6_flags & IN6_IFF_ANYCAST) != 0) { 2458 IFA_UNLOCK(ifa); 2459 continue; 2460 } 2461 /* 2462 * Ignore the address if it is not associated with a prefix 2463 * or is associated with a prefix that is different from this 2464 * one. (pr is never NULL here) 2465 */ 2466 if (ifa6->ia6_ndpr != pr) { 2467 IFA_UNLOCK(ifa); 2468 continue; 2469 } 2470 2471 if (ia6_match == NULL) { /* remember the first one */ 2472 ia6_match = ifa6; 2473 IFA_ADDREF_LOCKED(ifa); /* for ia6_match */ 2474 } 2475 2476 /* 2477 * An already autoconfigured address matched. Now that we 2478 * are sure there is at least one matched address, we can 2479 * proceed to 5.5.3. (e): update the lifetimes according to the 2480 * "two hours" rule and the privacy extension. 2481 */ 2482#define TWOHOUR (120*60) 2483 2484 /* retrieve time as uptime (last arg is 0) */ 2485 in6ifa_getlifetime(ifa6, <6_tmp, 0); 2486 2487 if (lt6_tmp.ia6t_vltime == ND6_INFINITE_LIFETIME) 2488 remaininglifetime = ND6_INFINITE_LIFETIME; 2489 else if (timenow - ifa6->ia6_updatetime > lt6_tmp.ia6t_vltime) { 2490 /* 2491 * The case of "invalid" address. We should usually 2492 * not see this case. 2493 */ 2494 remaininglifetime = 0; 2495 } else { 2496 remaininglifetime = lt6_tmp.ia6t_vltime - 2497 (timenow - ifa6->ia6_updatetime); 2498 } 2499 /* when not updating, keep the current stored lifetime. */ 2500 lt6_tmp.ia6t_vltime = remaininglifetime; 2501 2502 if (TWOHOUR < new->ndpr_vltime || 2503 remaininglifetime < new->ndpr_vltime) { 2504 lt6_tmp.ia6t_vltime = new->ndpr_vltime; 2505 } else if (remaininglifetime <= TWOHOUR) { 2506 if (auth) { 2507 lt6_tmp.ia6t_vltime = new->ndpr_vltime; 2508 } 2509 } else { 2510 /* 2511 * new->ndpr_vltime <= TWOHOUR && 2512 * TWOHOUR < remaininglifetime 2513 */ 2514 lt6_tmp.ia6t_vltime = TWOHOUR; 2515 } 2516 2517 /* The 2 hour rule is not imposed for preferred lifetime. */ 2518 lt6_tmp.ia6t_pltime = new->ndpr_pltime; 2519 2520 /* Special handling for lifetimes of temporary addresses. */ 2521 if ((ifa6->ia6_flags & IN6_IFF_TEMPORARY) != 0) { 2522 u_int32_t maxvltime, maxpltime; 2523 2524 /* Constrain lifetimes to system limits. */ 2525 if (lt6_tmp.ia6t_vltime > ip6_temp_valid_lifetime) 2526 lt6_tmp.ia6t_vltime = ip6_temp_valid_lifetime; 2527 if (lt6_tmp.ia6t_pltime > ip6_temp_preferred_lifetime) 2528 lt6_tmp.ia6t_pltime = 2529 ip6_temp_preferred_lifetime - 2530 ip6_desync_factor; 2531 2532 /* 2533 * According to RFC 4941, section 3.3 (1), we only 2534 * update the lifetimes when they are in the maximum 2535 * intervals. 2536 */ 2537 if (ip6_temp_valid_lifetime > 2538 (u_int32_t)((timenow - ifa6->ia6_createtime) + 2539 ip6_desync_factor)) { 2540 maxvltime = ip6_temp_valid_lifetime - 2541 (timenow - ifa6->ia6_createtime) - 2542 ip6_desync_factor; 2543 } else 2544 maxvltime = 0; 2545 if (ip6_temp_preferred_lifetime > 2546 (u_int32_t)((timenow - ifa6->ia6_createtime) + 2547 ip6_desync_factor)) { 2548 maxpltime = ip6_temp_preferred_lifetime - 2549 (timenow - ifa6->ia6_createtime) - 2550 ip6_desync_factor; 2551 } else 2552 maxpltime = 0; 2553 2554 if (lt6_tmp.ia6t_vltime == ND6_INFINITE_LIFETIME || 2555 lt6_tmp.ia6t_vltime > maxvltime) 2556 lt6_tmp.ia6t_vltime = maxvltime; 2557 2558 if (lt6_tmp.ia6t_pltime == ND6_INFINITE_LIFETIME || 2559 lt6_tmp.ia6t_pltime > maxpltime) 2560 lt6_tmp.ia6t_pltime = maxpltime; 2561 } 2562 2563 in6_init_address_ltimes(pr, <6_tmp); 2564 2565 in6ifa_setlifetime(ifa6, <6_tmp); 2566 ifa6->ia6_updatetime = timenow; 2567 IFA_UNLOCK(ifa); 2568 } 2569 ifnet_lock_done(ifp); 2570 if (ia6_match == NULL && new->ndpr_vltime) { 2571 /* 2572 * 5.5.3 (d) (continued) 2573 * No address matched and the valid lifetime is non-zero. 2574 * Create a new address. 2575 */ 2576 2577 if ((ia6 = in6_pfx_newpersistaddr(new, mcast, &error)) 2578 != NULL) { 2579 /* 2580 * note that we should use pr (not new) for reference. 2581 */ 2582 IFA_LOCK(&ia6->ia_ifa); 2583 NDPR_LOCK(pr); 2584 ia6->ia6_ndpr = pr; 2585 NDPR_ADDREF_LOCKED(pr); /* for addr reference */ 2586 pr->ndpr_addrcnt++; 2587 VERIFY(pr->ndpr_addrcnt != 0); 2588 NDPR_UNLOCK(pr); 2589 IFA_UNLOCK(&ia6->ia_ifa); 2590 2591 /* 2592 * RFC 4941 3.3 (2). 2593 * When a new public address is created as described 2594 * in RFC 4862, also create a new temporary address. 2595 * 2596 * RFC 4941 3.5. 2597 * When an interface connects to a new link, a new 2598 * randomized interface identifier should be generated 2599 * immediately together with a new set of temporary 2600 * addresses. Thus, we specifiy 1 as the 2nd arg of 2601 * in6_tmpifadd(). 2602 */ 2603 if (ip6_use_tempaddr) { 2604 int e; 2605 if ((e = in6_tmpifadd(ia6, 1)) != 0) { 2606 nd6log((LOG_NOTICE, "prelist_update: " 2607 "failed to create a temporary " 2608 "address, errno=%d\n", 2609 e)); 2610 } 2611 } 2612 IFA_REMREF(&ia6->ia_ifa); 2613 ia6 = NULL; 2614 2615 /* 2616 * A newly added address might affect the status 2617 * of other addresses, so we check and update it. 2618 * XXX: what if address duplication happens? 2619 */ 2620 lck_mtx_lock(nd6_mutex); 2621 pfxlist_onlink_check(); 2622 lck_mtx_unlock(nd6_mutex); 2623 } 2624 } 2625 2626afteraddrconf: 2627 2628end: 2629 if (pr != NULL) 2630 NDPR_REMREF(pr); 2631 if (ia6_match != NULL) 2632 IFA_REMREF(&ia6_match->ia_ifa); 2633 return (error); 2634} 2635 2636/* 2637 * Neighbor Discover Default Router structure reference counting routines. 2638 */ 2639static struct nd_defrouter * 2640nddr_alloc(int how) 2641{ 2642 struct nd_defrouter *dr; 2643 2644 dr = (how == M_WAITOK) ? zalloc(nddr_zone) : zalloc_noblock(nddr_zone); 2645 if (dr != NULL) { 2646 bzero(dr, nddr_size); 2647 lck_mtx_init(&dr->nddr_lock, ifa_mtx_grp, ifa_mtx_attr); 2648 dr->nddr_debug |= IFD_ALLOC; 2649 if (nddr_debug != 0) { 2650 dr->nddr_debug |= IFD_DEBUG; 2651 dr->nddr_trace = nddr_trace; 2652 } 2653 } 2654 return (dr); 2655} 2656 2657static void 2658nddr_free(struct nd_defrouter *dr) 2659{ 2660 NDDR_LOCK(dr); 2661 if (dr->nddr_debug & IFD_ATTACHED) { 2662 panic("%s: attached nddr %p is being freed", __func__, dr); 2663 /* NOTREACHED */ 2664 } else if (!(dr->nddr_debug & IFD_ALLOC)) { 2665 panic("%s: nddr %p cannot be freed", __func__, dr); 2666 /* NOTREACHED */ 2667 } 2668 dr->nddr_debug &= ~IFD_ALLOC; 2669 NDDR_UNLOCK(dr); 2670 2671 lck_mtx_destroy(&dr->nddr_lock, ifa_mtx_grp); 2672 zfree(nddr_zone, dr); 2673} 2674 2675static void 2676nddr_trace(struct nd_defrouter *dr, int refhold) 2677{ 2678 struct nd_defrouter_dbg *dr_dbg = (struct nd_defrouter_dbg *)dr; 2679 ctrace_t *tr; 2680 uint32_t idx; 2681 uint16_t *cnt; 2682 2683 if (!(dr->nddr_debug & IFD_DEBUG)) { 2684 panic("%s: nddr %p has no debug structure", __func__, dr); 2685 /* NOTREACHED */ 2686 } 2687 if (refhold) { 2688 cnt = &dr_dbg->nddr_refhold_cnt; 2689 tr = dr_dbg->nddr_refhold; 2690 } else { 2691 cnt = &dr_dbg->nddr_refrele_cnt; 2692 tr = dr_dbg->nddr_refrele; 2693 } 2694 2695 idx = atomic_add_16_ov(cnt, 1) % NDDR_TRACE_HIST_SIZE; 2696 ctrace_record(&tr[idx]); 2697} 2698 2699void 2700nddr_addref(struct nd_defrouter *nddr, int locked) 2701{ 2702 2703 if (!locked) 2704 NDDR_LOCK_SPIN(nddr); 2705 else 2706 NDDR_LOCK_ASSERT_HELD(nddr); 2707 2708 if (++nddr->nddr_refcount == 0) { 2709 panic("%s: nddr %p wraparound refcnt\n", __func__, nddr); 2710 /* NOTREACHED */ 2711 } else if (nddr->nddr_trace != NULL) { 2712 (*nddr->nddr_trace)(nddr, TRUE); 2713 } 2714 2715 if (!locked) 2716 NDDR_UNLOCK(nddr); 2717} 2718 2719struct nd_defrouter * 2720nddr_remref(struct nd_defrouter *nddr, int locked) 2721{ 2722 2723 if (!locked) 2724 NDDR_LOCK_SPIN(nddr); 2725 else 2726 NDDR_LOCK_ASSERT_HELD(nddr); 2727 2728 if (nddr->nddr_refcount == 0) { 2729 panic("%s: nddr %p negative refcnt\n", __func__, nddr); 2730 /* NOTREACHED */ 2731 } else if (nddr->nddr_trace != NULL) { 2732 (*nddr->nddr_trace)(nddr, FALSE); 2733 } 2734 2735 if (--nddr->nddr_refcount == 0) { 2736 NDDR_UNLOCK(nddr); 2737 nddr_free(nddr); 2738 nddr = NULL; 2739 } 2740 2741 if (!locked && nddr != NULL) 2742 NDDR_UNLOCK(nddr); 2743 2744 return (nddr); 2745} 2746 2747uint64_t 2748nddr_getexpire(struct nd_defrouter *dr) 2749{ 2750 struct timeval caltime; 2751 uint64_t expiry; 2752 2753 if (dr->expire != 0) { 2754 /* account for system time change */ 2755 getmicrotime(&caltime); 2756 2757 dr->base_calendartime += 2758 NET_CALCULATE_CLOCKSKEW(caltime, 2759 dr->base_calendartime, net_uptime(), dr->base_uptime); 2760 2761 expiry = dr->base_calendartime + 2762 dr->expire - dr->base_uptime; 2763 } else { 2764 expiry = 0; 2765 } 2766 return (expiry); 2767} 2768 2769/* 2770 * Neighbor Discover Prefix structure reference counting routines. 2771 */ 2772static struct nd_prefix * 2773ndpr_alloc(int how) 2774{ 2775 struct nd_prefix *pr; 2776 2777 pr = (how == M_WAITOK) ? zalloc(ndpr_zone) : zalloc_noblock(ndpr_zone); 2778 if (pr != NULL) { 2779 bzero(pr, ndpr_size); 2780 lck_mtx_init(&pr->ndpr_lock, ifa_mtx_grp, ifa_mtx_attr); 2781 RB_INIT(&pr->ndpr_prproxy_sols); 2782 pr->ndpr_debug |= IFD_ALLOC; 2783 if (ndpr_debug != 0) { 2784 pr->ndpr_debug |= IFD_DEBUG; 2785 pr->ndpr_trace = ndpr_trace; 2786 } 2787 } 2788 return (pr); 2789} 2790 2791static void 2792ndpr_free(struct nd_prefix *pr) 2793{ 2794 NDPR_LOCK(pr); 2795 if (pr->ndpr_debug & IFD_ATTACHED) { 2796 panic("%s: attached ndpr %p is being freed", __func__, pr); 2797 /* NOTREACHED */ 2798 } else if (!(pr->ndpr_debug & IFD_ALLOC)) { 2799 panic("%s: ndpr %p cannot be freed", __func__, pr); 2800 /* NOTREACHED */ 2801 } else if (pr->ndpr_rt != NULL) { 2802 panic("%s: ndpr %p route %p not freed", __func__, pr, 2803 pr->ndpr_rt); 2804 /* NOTREACHED */ 2805 } else if (pr->ndpr_prproxy_sols_cnt != 0) { 2806 panic("%s: ndpr %p non-zero solicitors count (%d)", 2807 __func__, pr, pr->ndpr_prproxy_sols_cnt); 2808 /* NOTREACHED */ 2809 } else if (!RB_EMPTY(&pr->ndpr_prproxy_sols)) { 2810 panic("%s: ndpr %p non-empty solicitors tree", __func__, pr); 2811 /* NOTREACHED */ 2812 } 2813 pr->ndpr_debug &= ~IFD_ALLOC; 2814 NDPR_UNLOCK(pr); 2815 2816 lck_mtx_destroy(&pr->ndpr_lock, ifa_mtx_grp); 2817 zfree(ndpr_zone, pr); 2818} 2819 2820static void 2821ndpr_trace(struct nd_prefix *pr, int refhold) 2822{ 2823 struct nd_prefix_dbg *pr_dbg = (struct nd_prefix_dbg *)pr; 2824 ctrace_t *tr; 2825 u_int32_t idx; 2826 u_int16_t *cnt; 2827 2828 if (!(pr->ndpr_debug & IFD_DEBUG)) { 2829 panic("%s: ndpr %p has no debug structure", __func__, pr); 2830 /* NOTREACHED */ 2831 } 2832 if (refhold) { 2833 cnt = &pr_dbg->ndpr_refhold_cnt; 2834 tr = pr_dbg->ndpr_refhold; 2835 } else { 2836 cnt = &pr_dbg->ndpr_refrele_cnt; 2837 tr = pr_dbg->ndpr_refrele; 2838 } 2839 2840 idx = atomic_add_16_ov(cnt, 1) % NDPR_TRACE_HIST_SIZE; 2841 ctrace_record(&tr[idx]); 2842} 2843 2844void 2845ndpr_addref(struct nd_prefix *ndpr, int locked) 2846{ 2847 if (!locked) 2848 NDPR_LOCK_SPIN(ndpr); 2849 else 2850 NDPR_LOCK_ASSERT_HELD(ndpr); 2851 2852 if (++ndpr->ndpr_refcount == 0) { 2853 panic("%s: ndpr %p wraparound refcnt\n", __func__, ndpr); 2854 /* NOTREACHED */ 2855 } else if (ndpr->ndpr_trace != NULL) { 2856 (*ndpr->ndpr_trace)(ndpr, TRUE); 2857 } 2858 2859 if (!locked) 2860 NDPR_UNLOCK(ndpr); 2861} 2862 2863struct nd_prefix * 2864ndpr_remref(struct nd_prefix *ndpr, int locked) 2865{ 2866 if (!locked) 2867 NDPR_LOCK_SPIN(ndpr); 2868 else 2869 NDPR_LOCK_ASSERT_HELD(ndpr); 2870 2871 if (ndpr->ndpr_refcount == 0) { 2872 panic("%s: ndpr %p negative refcnt\n", __func__, ndpr); 2873 /* NOTREACHED */ 2874 } else if (ndpr->ndpr_trace != NULL) { 2875 (*ndpr->ndpr_trace)(ndpr, FALSE); 2876 } 2877 2878 if (--ndpr->ndpr_refcount == 0) { 2879 if (ndpr->ndpr_addrcnt != 0) { 2880 panic("%s: freeing ndpr %p with outstanding address " 2881 "reference (%d)", __func__, ndpr, 2882 ndpr->ndpr_addrcnt); 2883 /* NOTREACHED */ 2884 } 2885 NDPR_UNLOCK(ndpr); 2886 ndpr_free(ndpr); 2887 ndpr = NULL; 2888 } 2889 2890 if (!locked && ndpr != NULL) 2891 NDPR_UNLOCK(ndpr); 2892 2893 return (ndpr); 2894} 2895 2896uint64_t 2897ndpr_getexpire(struct nd_prefix *pr) 2898{ 2899 struct timeval caltime; 2900 uint64_t expiry; 2901 2902 if (pr->ndpr_expire != 0 && pr->ndpr_vltime != ND6_INFINITE_LIFETIME) { 2903 /* account for system time change */ 2904 getmicrotime(&caltime); 2905 2906 pr->ndpr_base_calendartime += 2907 NET_CALCULATE_CLOCKSKEW(caltime, 2908 pr->ndpr_base_calendartime, net_uptime(), 2909 pr->ndpr_base_uptime); 2910 2911 expiry = pr->ndpr_base_calendartime + 2912 pr->ndpr_expire - pr->ndpr_base_uptime; 2913 } else { 2914 expiry = 0; 2915 } 2916 return (expiry); 2917} 2918 2919/* 2920 * A supplement function used in the on-link detection below; 2921 * detect if a given prefix has a (probably) reachable advertising router. 2922 * XXX: lengthy function name... 2923 * 2924 * Callers *must* increase the reference count of nd_prefix. 2925 */ 2926static struct nd_pfxrouter * 2927find_pfxlist_reachable_router(struct nd_prefix *pr) 2928{ 2929 struct nd_pfxrouter *pfxrtr; 2930 struct rtentry *rt; 2931 struct llinfo_nd6 *ln; 2932 struct ifnet *ifp; 2933 struct in6_addr rtaddr; 2934 unsigned int genid; 2935 2936 lck_mtx_assert(nd6_mutex, LCK_MTX_ASSERT_OWNED); 2937 NDPR_LOCK_ASSERT_HELD(pr); 2938 2939 genid = pr->ndpr_genid; 2940 pfxrtr = LIST_FIRST(&pr->ndpr_advrtrs); 2941 while (pfxrtr) { 2942 ifp = pfxrtr->router->ifp; 2943 rtaddr = pfxrtr->router->rtaddr; 2944 NDPR_UNLOCK(pr); 2945 lck_mtx_unlock(nd6_mutex); 2946 /* Callee returns a locked route upon success */ 2947 if ((rt = nd6_lookup(&rtaddr, 0, ifp, 0)) != NULL) { 2948 RT_LOCK_ASSERT_HELD(rt); 2949 if ((ln = rt->rt_llinfo) != NULL && 2950 ND6_IS_LLINFO_PROBREACH(ln)) { 2951 RT_REMREF_LOCKED(rt); 2952 RT_UNLOCK(rt); 2953 lck_mtx_lock(nd6_mutex); 2954 NDPR_LOCK(pr); 2955 break; /* found */ 2956 } 2957 RT_REMREF_LOCKED(rt); 2958 RT_UNLOCK(rt); 2959 } 2960 lck_mtx_lock(nd6_mutex); 2961 NDPR_LOCK(pr); 2962 if (pr->ndpr_genid != genid) { 2963 pfxrtr = LIST_FIRST(&pr->ndpr_advrtrs); 2964 genid = pr->ndpr_genid; 2965 } else 2966 pfxrtr = LIST_NEXT(pfxrtr, pfr_entry); 2967 } 2968 NDPR_LOCK_ASSERT_HELD(pr); 2969 2970 return (pfxrtr); 2971 2972} 2973 2974/* 2975 * Check if each prefix in the prefix list has at least one available router 2976 * that advertised the prefix (a router is "available" if its neighbor cache 2977 * entry is reachable or probably reachable). 2978 * If the check fails, the prefix may be off-link, because, for example, 2979 * we have moved from the network but the lifetime of the prefix has not 2980 * expired yet. So we should not use the prefix if there is another prefix 2981 * that has an available router. 2982 * But, if there is no prefix that has an available router, we still regards 2983 * all the prefixes as on-link. This is because we can't tell if all the 2984 * routers are simply dead or if we really moved from the network and there 2985 * is no router around us. 2986 */ 2987void 2988pfxlist_onlink_check(void) 2989{ 2990 struct nd_prefix *pr, *prclear; 2991 struct in6_ifaddr *ifa; 2992 struct nd_defrouter *dr; 2993 struct nd_pfxrouter *pfxrtr = NULL; 2994 int err, i, found = 0; 2995 struct ifaddr **ifap = NULL; 2996 struct nd_prefix *ndpr; 2997 2998 lck_mtx_assert(nd6_mutex, LCK_MTX_ASSERT_OWNED); 2999 3000 while (nd_prefix_busy) { 3001 nd_prefix_waiters++; 3002 msleep(nd_prefix_waitchan, nd6_mutex, (PZERO-1), 3003 __func__, NULL); 3004 lck_mtx_assert(nd6_mutex, LCK_MTX_ASSERT_OWNED); 3005 } 3006 nd_prefix_busy = TRUE; 3007 3008 /* 3009 * Check if there is a prefix that has a reachable advertising 3010 * router. 3011 */ 3012 pr = nd_prefix.lh_first; 3013 while (pr) { 3014 NDPR_LOCK(pr); 3015 if (pr->ndpr_stateflags & NDPRF_PROCESSED_ONLINK) { 3016 NDPR_UNLOCK(pr); 3017 pr = pr->ndpr_next; 3018 continue; 3019 } 3020 NDPR_ADDREF_LOCKED(pr); 3021 if (pr->ndpr_raf_onlink && find_pfxlist_reachable_router(pr) && 3022 (pr->ndpr_debug & IFD_ATTACHED)) { 3023 if (NDPR_REMREF_LOCKED(pr) == NULL) 3024 pr = NULL; 3025 else 3026 NDPR_UNLOCK(pr); 3027 break; 3028 } 3029 pr->ndpr_stateflags |= NDPRF_PROCESSED_ONLINK; 3030 NDPR_UNLOCK(pr); 3031 NDPR_REMREF(pr); 3032 /* 3033 * Since find_pfxlist_reachable_router() drops the nd6_mutex, we 3034 * have to start over, but the NDPRF_PROCESSED_ONLINK flag will 3035 * stop us from checking the same prefix twice. 3036 */ 3037 pr = nd_prefix.lh_first; 3038 } 3039 LIST_FOREACH(prclear, &nd_prefix, ndpr_entry) { 3040 NDPR_LOCK(prclear); 3041 prclear->ndpr_stateflags &= ~NDPRF_PROCESSED_ONLINK; 3042 NDPR_UNLOCK(prclear); 3043 } 3044 /* 3045 * If we have no such prefix, check whether we still have a router 3046 * that does not advertise any prefixes. 3047 */ 3048 if (pr == NULL) { 3049 for (dr = TAILQ_FIRST(&nd_defrouter); dr; 3050 dr = TAILQ_NEXT(dr, dr_entry)) { 3051 struct nd_prefix *pr0; 3052 3053 for (pr0 = nd_prefix.lh_first; pr0; 3054 pr0 = pr0->ndpr_next) { 3055 NDPR_LOCK(pr0); 3056 if ((pfxrtr = pfxrtr_lookup(pr0, dr)) != NULL) { 3057 NDPR_UNLOCK(pr0); 3058 break; 3059 } 3060 NDPR_UNLOCK(pr0); 3061 } 3062 if (pfxrtr != NULL) 3063 break; 3064 } 3065 } 3066 if (pr != NULL || (TAILQ_FIRST(&nd_defrouter) && pfxrtr == NULL)) { 3067 /* 3068 * There is at least one prefix that has a reachable router, 3069 * or at least a router which probably does not advertise 3070 * any prefixes. The latter would be the case when we move 3071 * to a new link where we have a router that does not provide 3072 * prefixes and we configure an address by hand. 3073 * Detach prefixes which have no reachable advertising 3074 * router, and attach other prefixes. 3075 */ 3076 pr = nd_prefix.lh_first; 3077 while (pr) { 3078 NDPR_LOCK(pr); 3079 /* 3080 * We aren't interested prefixes already processed, 3081 * nor in prefixes without the L bit 3082 * set nor in static prefixes 3083 */ 3084 if (pr->ndpr_raf_onlink == 0 || 3085 pr->ndpr_stateflags & NDPRF_PROCESSED_ONLINK || 3086 pr->ndpr_stateflags & NDPRF_STATIC) { 3087 NDPR_UNLOCK(pr); 3088 pr = pr->ndpr_next; 3089 continue; 3090 } 3091 NDPR_ADDREF_LOCKED(pr); 3092 if ((pr->ndpr_stateflags & NDPRF_DETACHED) == 0 && 3093 find_pfxlist_reachable_router(pr) == NULL && 3094 (pr->ndpr_debug & IFD_ATTACHED)) 3095 pr->ndpr_stateflags |= NDPRF_DETACHED; 3096 if ((pr->ndpr_stateflags & NDPRF_DETACHED) != 0 && 3097 find_pfxlist_reachable_router(pr) != NULL && 3098 (pr->ndpr_debug & IFD_ATTACHED)) 3099 pr->ndpr_stateflags &= ~NDPRF_DETACHED; 3100 pr->ndpr_stateflags |= NDPRF_PROCESSED_ONLINK; 3101 NDPR_UNLOCK(pr); 3102 NDPR_REMREF(pr); 3103 /* 3104 * Since find_pfxlist_reachable_router() drops the 3105 * nd6_mutex, we have to start over, but the 3106 * NDPRF_PROCESSED_ONLINK flag will stop us from 3107 * checking the same prefix twice. 3108 */ 3109 pr = nd_prefix.lh_first; 3110 } 3111 } else { 3112 /* there is no prefix that has a reachable router */ 3113 for (pr = nd_prefix.lh_first; pr; pr = pr->ndpr_next) { 3114 NDPR_LOCK(pr); 3115 if (pr->ndpr_raf_onlink == 0 || 3116 pr->ndpr_stateflags & NDPRF_STATIC) { 3117 NDPR_UNLOCK(pr); 3118 continue; 3119 } 3120 if ((pr->ndpr_stateflags & NDPRF_DETACHED) != 0) 3121 pr->ndpr_stateflags &= ~NDPRF_DETACHED; 3122 NDPR_UNLOCK(pr); 3123 } 3124 } 3125 LIST_FOREACH(prclear, &nd_prefix, ndpr_entry) { 3126 NDPR_LOCK(prclear); 3127 prclear->ndpr_stateflags &= ~NDPRF_PROCESSED_ONLINK; 3128 NDPR_UNLOCK(prclear); 3129 } 3130 /* 3131 * Remove each interface route associated with a (just) detached 3132 * prefix, and reinstall the interface route for a (just) attached 3133 * prefix. Note that all attempt of reinstallation does not 3134 * necessarily success, when a same prefix is shared among multiple 3135 * interfaces. Such cases will be handled in nd6_prefix_onlink, 3136 * so we don't have to care about them. 3137 */ 3138 pr = nd_prefix.lh_first; 3139 while (pr) { 3140 int e; 3141 3142 NDPR_LOCK(pr); 3143 if (pr->ndpr_raf_onlink == 0 || 3144 pr->ndpr_stateflags & NDPRF_STATIC || 3145 pr->ndpr_stateflags & NDPRF_PROCESSED_ONLINK || 3146 pr->ndpr_stateflags & NDPRF_DEFUNCT) { 3147 NDPR_UNLOCK(pr); 3148 pr = pr->ndpr_next; 3149 continue; 3150 } 3151 pr->ndpr_stateflags |= NDPRF_PROCESSED_ONLINK; 3152 NDPR_ADDREF_LOCKED(pr); 3153 if ((pr->ndpr_stateflags & NDPRF_DETACHED) != 0 && 3154 (pr->ndpr_stateflags & NDPRF_ONLINK) != 0) { 3155 NDPR_UNLOCK(pr); 3156 lck_mtx_unlock(nd6_mutex); 3157 if ((e = nd6_prefix_offlink(pr)) != 0) { 3158 nd6log((LOG_ERR, 3159 "pfxlist_onlink_check: failed to " 3160 "make %s/%d offlink, errno=%d\n", 3161 ip6_sprintf(&pr->ndpr_prefix.sin6_addr), 3162 pr->ndpr_plen, e)); 3163 } 3164 lck_mtx_lock(nd6_mutex); 3165 NDPR_REMREF(pr); 3166 pr = nd_prefix.lh_first; 3167 continue; 3168 } 3169 if ((pr->ndpr_stateflags & NDPRF_DETACHED) == 0 && 3170 (pr->ndpr_stateflags & NDPRF_ONLINK) == 0 && 3171 pr->ndpr_raf_onlink) { 3172 NDPR_UNLOCK(pr); 3173 if ((e = nd6_prefix_onlink(pr)) != 0) { 3174 nd6log((LOG_ERR, 3175 "pfxlist_onlink_check: failed to " 3176 "make %s/%d offlink, errno=%d\n", 3177 ip6_sprintf(&pr->ndpr_prefix.sin6_addr), 3178 pr->ndpr_plen, e)); 3179 } 3180 NDPR_REMREF(pr); 3181 pr = nd_prefix.lh_first; 3182 continue; 3183 } else { 3184 NDPR_UNLOCK(pr); 3185 } 3186 NDPR_REMREF(pr); 3187 pr = pr->ndpr_next; 3188 } 3189 LIST_FOREACH(prclear, &nd_prefix, ndpr_entry) { 3190 NDPR_LOCK(prclear); 3191 prclear->ndpr_stateflags &= ~NDPRF_PROCESSED_ONLINK; 3192 NDPR_UNLOCK(prclear); 3193 } 3194 VERIFY(nd_prefix_busy); 3195 nd_prefix_busy = FALSE; 3196 if (nd_prefix_waiters > 0) { 3197 nd_prefix_waiters = 0; 3198 wakeup(nd_prefix_waitchan); 3199 } 3200 3201 /* 3202 * Changes on the prefix status might affect address status as well. 3203 * Make sure that all addresses derived from an attached prefix are 3204 * attached, and that all addresses derived from a detached prefix are 3205 * detached. Note, however, that a manually configured address should 3206 * always be attached. 3207 * The precise detection logic is same as the one for prefixes. 3208 * 3209 * ifnet_get_address_list_family_internal() may fail due to memory 3210 * pressure, but we will eventually be called again when we receive 3211 * another NA, RA, or when the link status changes. 3212 */ 3213 err = ifnet_get_address_list_family_internal(NULL, &ifap, AF_INET6, 0, 3214 M_NOWAIT, 0); 3215 if (err != 0 || ifap == NULL) { 3216 nd6log((LOG_ERR, "%s: ifnet_get_address_list_family_internal " 3217 "failed", __func__)); 3218 return; 3219 } 3220 for (i = 0; ifap[i]; i++) { 3221 ifa = ifatoia6(ifap[i]); 3222 IFA_LOCK(&ifa->ia_ifa); 3223 if ((ifa->ia6_flags & IN6_IFF_AUTOCONF) == 0 || 3224 (ifap[i]->ifa_debug & IFD_ATTACHED) == 0) { 3225 IFA_UNLOCK(&ifa->ia_ifa); 3226 continue; 3227 } 3228 if ((ndpr = ifa->ia6_ndpr) == NULL) { 3229 /* 3230 * This can happen when we first configure the address 3231 * (i.e. the address exists, but the prefix does not). 3232 * XXX: complicated relationships... 3233 */ 3234 IFA_UNLOCK(&ifa->ia_ifa); 3235 continue; 3236 } 3237 IFA_UNLOCK(&ifa->ia_ifa); 3238 3239 NDPR_LOCK(ndpr); 3240 NDPR_ADDREF_LOCKED(ndpr); 3241 if (find_pfxlist_reachable_router(ndpr)) { 3242 if (NDPR_REMREF_LOCKED(ndpr) == NULL) { 3243 found = 0; 3244 } else { 3245 NDPR_UNLOCK(ndpr); 3246 found = 1; 3247 } 3248 break; 3249 } 3250 NDPR_UNLOCK(ndpr); 3251 NDPR_REMREF(ndpr); 3252 } 3253 if (found) { 3254 for (i = 0; ifap[i]; i++) { 3255 ifa = ifatoia6(ifap[i]); 3256 IFA_LOCK(&ifa->ia_ifa); 3257 if ((ifa->ia6_flags & IN6_IFF_AUTOCONF) == 0 || 3258 (ifap[i]->ifa_debug & IFD_ATTACHED) == 0) { 3259 IFA_UNLOCK(&ifa->ia_ifa); 3260 continue; 3261 } 3262 if ((ndpr = ifa->ia6_ndpr) == NULL) { 3263 /* XXX: see above. */ 3264 IFA_UNLOCK(&ifa->ia_ifa); 3265 continue; 3266 } 3267 IFA_UNLOCK(&ifa->ia_ifa); 3268 NDPR_LOCK(ndpr); 3269 NDPR_ADDREF_LOCKED(ndpr); 3270 if (find_pfxlist_reachable_router(ndpr)) { 3271 NDPR_UNLOCK(ndpr); 3272 IFA_LOCK(&ifa->ia_ifa); 3273 if (ifa->ia6_flags & IN6_IFF_DETACHED) { 3274 ifa->ia6_flags &= ~IN6_IFF_DETACHED; 3275 ifa->ia6_flags |= IN6_IFF_TENTATIVE; 3276 IFA_UNLOCK(&ifa->ia_ifa); 3277 nd6_dad_start((struct ifaddr *)ifa, 0); 3278 } else { 3279 IFA_UNLOCK(&ifa->ia_ifa); 3280 } 3281 } else { 3282 NDPR_UNLOCK(ndpr); 3283 IFA_LOCK(&ifa->ia_ifa); 3284 ifa->ia6_flags |= IN6_IFF_DETACHED; 3285 IFA_UNLOCK(&ifa->ia_ifa); 3286 } 3287 NDPR_REMREF(ndpr); 3288 } 3289 } else { 3290 for (i = 0; ifap[i]; i++) { 3291 ifa = ifatoia6(ifap[i]); 3292 IFA_LOCK(&ifa->ia_ifa); 3293 if ((ifa->ia6_flags & IN6_IFF_AUTOCONF) == 0) { 3294 IFA_UNLOCK(&ifa->ia_ifa); 3295 continue; 3296 } 3297 if (ifa->ia6_flags & IN6_IFF_DETACHED) { 3298 ifa->ia6_flags &= ~IN6_IFF_DETACHED; 3299 ifa->ia6_flags |= IN6_IFF_TENTATIVE; 3300 IFA_UNLOCK(&ifa->ia_ifa); 3301 /* Do we need a delay in this case? */ 3302 nd6_dad_start((struct ifaddr *)ifa, 0); 3303 } else { 3304 IFA_UNLOCK(&ifa->ia_ifa); 3305 } 3306 } 3307 } 3308 ifnet_free_address_list(ifap); 3309} 3310 3311static struct nd_prefix * 3312nd6_prefix_equal_lookup(struct nd_prefix *pr, boolean_t primary_only) 3313{ 3314 struct nd_prefix *opr; 3315 3316 lck_mtx_assert(nd6_mutex, LCK_MTX_ASSERT_OWNED); 3317 3318 for (opr = nd_prefix.lh_first; opr; opr = opr->ndpr_next) { 3319 if (opr == pr) 3320 continue; 3321 3322 NDPR_LOCK(opr); 3323 if ((opr->ndpr_stateflags & NDPRF_ONLINK) == 0) { 3324 NDPR_UNLOCK(opr); 3325 continue; 3326 } 3327 if (opr->ndpr_plen == pr->ndpr_plen && 3328 in6_are_prefix_equal(&pr->ndpr_prefix.sin6_addr, 3329 &opr->ndpr_prefix.sin6_addr, pr->ndpr_plen) && 3330 (!primary_only || 3331 !(opr->ndpr_stateflags & NDPRF_IFSCOPE))) { 3332 NDPR_ADDREF_LOCKED(opr); 3333 NDPR_UNLOCK(opr); 3334 return (opr); 3335 } 3336 NDPR_UNLOCK(opr); 3337 } 3338 return (NULL); 3339} 3340 3341/* 3342 * Synchronize the interface routes of similar prefixes on different 3343 * interfaces; the one using the default interface would be (re)installed 3344 * as a primary/non-scoped entry, and the rest as scoped entri(es). 3345 */ 3346static void 3347nd6_prefix_sync(struct ifnet *ifp) 3348{ 3349 struct nd_prefix *pr, *opr; 3350 int err = 0; 3351 3352 lck_mtx_assert(nd6_mutex, LCK_MTX_ASSERT_OWNED); 3353 3354 if (!ip6_doscopedroute || ifp == NULL) 3355 return; 3356 3357 for (pr = nd_prefix.lh_first; pr; pr = pr->ndpr_next) { 3358 NDPR_LOCK(pr); 3359 if (!(pr->ndpr_stateflags & NDPRF_ONLINK)) { 3360 NDPR_UNLOCK(pr); 3361 continue; 3362 } 3363 if (pr->ndpr_ifp == ifp && 3364 (pr->ndpr_stateflags & NDPRF_IFSCOPE) && 3365 !IN6_IS_ADDR_LINKLOCAL(&pr->ndpr_prefix.sin6_addr)) { 3366 NDPR_UNLOCK(pr); 3367 break; 3368 } 3369 NDPR_UNLOCK(pr); 3370 } 3371 3372 if (pr == NULL) 3373 return; 3374 3375 /* Remove conflicting entries */ 3376 opr = nd6_prefix_equal_lookup(pr, TRUE); 3377 if (opr != NULL) { 3378 lck_mtx_unlock(nd6_mutex); 3379 err = nd6_prefix_offlink(opr); 3380 lck_mtx_lock(nd6_mutex); 3381 if (err != 0) { 3382 nd6log((LOG_ERR, 3383 "%s: failed to make %s/%d offlink on %s, " 3384 "errno=%d\n", __func__, 3385 ip6_sprintf(&opr->ndpr_prefix.sin6_addr), 3386 opr->ndpr_plen, if_name(opr->ndpr_ifp), err)); 3387 } 3388 } else { 3389 nd6log((LOG_ERR, 3390 "%s: scoped %s/%d on %s has no matching unscoped prefix\n", 3391 __func__, ip6_sprintf(&pr->ndpr_prefix.sin6_addr), 3392 pr->ndpr_plen, if_name(pr->ndpr_ifp))); 3393 } 3394 3395 lck_mtx_unlock(nd6_mutex); 3396 err = nd6_prefix_offlink(pr); 3397 lck_mtx_lock(nd6_mutex); 3398 if (err != 0) { 3399 nd6log((LOG_ERR, 3400 "%s: failed to make %s/%d offlink on %s, errno=%d\n", 3401 __func__, ip6_sprintf(&pr->ndpr_prefix.sin6_addr), 3402 pr->ndpr_plen, if_name(pr->ndpr_ifp), err)); 3403 } 3404 3405 /* Add the entries back */ 3406 if (opr != NULL) { 3407 err = nd6_prefix_onlink_scoped(opr, opr->ndpr_ifp->if_index); 3408 if (err != 0) { 3409 nd6log((LOG_ERR, 3410 "%s: failed to make %s/%d scoped onlink on %s, " 3411 "errno=%d\n", __func__, 3412 ip6_sprintf(&opr->ndpr_prefix.sin6_addr), 3413 opr->ndpr_plen, if_name(opr->ndpr_ifp), err)); 3414 } 3415 } 3416 3417 err = nd6_prefix_onlink_scoped(pr, IFSCOPE_NONE); 3418 if (err != 0) { 3419 nd6log((LOG_ERR, 3420 "%s: failed to make %s/%d onlink on %s, errno=%d\n", 3421 __func__, ip6_sprintf(&pr->ndpr_prefix.sin6_addr), 3422 pr->ndpr_plen, if_name(pr->ndpr_ifp), err)); 3423 } 3424 3425 if (err != 0) { 3426 nd6log((LOG_ERR, 3427 "%s: error promoting %s/%d to %s from %s\n", 3428 __func__, ip6_sprintf(&pr->ndpr_prefix.sin6_addr), 3429 pr->ndpr_plen, if_name(pr->ndpr_ifp), 3430 (opr != NULL) ? if_name(opr->ndpr_ifp) : "NONE")); 3431 } else { 3432 nd6log2((LOG_INFO, 3433 "%s: %s/%d promoted, previously on %s\n", 3434 if_name(pr->ndpr_ifp), 3435 ip6_sprintf(&pr->ndpr_prefix.sin6_addr), pr->ndpr_plen, 3436 (opr != NULL) ? if_name(opr->ndpr_ifp) : "NONE")); 3437 } 3438 3439 if (opr != NULL) 3440 NDPR_REMREF(opr); 3441} 3442 3443static int 3444nd6_prefix_onlink_common(struct nd_prefix *pr, boolean_t force_scoped, 3445 unsigned int ifscope) 3446{ 3447 struct ifaddr *ifa; 3448 struct ifnet *ifp = pr->ndpr_ifp; 3449 struct sockaddr_in6 mask6, prefix; 3450 struct nd_prefix *opr; 3451 u_int32_t rtflags; 3452 int error = 0, prproxy = 0; 3453 struct rtentry *rt = NULL; 3454 3455 lck_mtx_assert(nd6_mutex, LCK_MTX_ASSERT_OWNED); 3456 3457 /* sanity check */ 3458 NDPR_LOCK(pr); 3459 if ((pr->ndpr_stateflags & NDPRF_ONLINK) != 0) { 3460 nd6log((LOG_ERR, 3461 "%s: %s/%d on %s scoped=%d is already on-link\n", 3462 __func__, ip6_sprintf(&pr->ndpr_prefix.sin6_addr), 3463 pr->ndpr_plen, if_name(pr->ndpr_ifp), 3464 (pr->ndpr_stateflags & NDPRF_IFSCOPE) ? 1 : 0); 3465 NDPR_UNLOCK(pr); 3466 return (EEXIST)); 3467 } 3468 NDPR_UNLOCK(pr); 3469 3470 /* 3471 * Add the interface route associated with the prefix. Before 3472 * installing the route, check if there's the same prefix on another 3473 * interface, and the prefix has already installed the interface route. 3474 */ 3475 opr = nd6_prefix_equal_lookup(pr, FALSE); 3476 if (opr != NULL) 3477 NDPR_REMREF(opr); 3478 3479 if (!ip6_doscopedroute) { 3480 /* if an interface route already exists, just return */ 3481 if (opr != NULL) 3482 return (0); 3483 ifscope = IFSCOPE_NONE; 3484 } else if (!force_scoped) { 3485 /* 3486 * If a primary/non-scoped interface route already exists, 3487 * install the new one as a scoped entry. If the existing 3488 * interface route is scoped, install new as non-scoped. 3489 */ 3490 ifscope = (opr != NULL) ? ifp->if_index : IFSCOPE_NONE; 3491 opr = nd6_prefix_equal_lookup(pr, TRUE); 3492 if (opr != NULL) 3493 NDPR_REMREF(opr); 3494 else if (ifscope != IFSCOPE_NONE) 3495 ifscope = IFSCOPE_NONE; 3496 } 3497 3498 /* 3499 * We prefer link-local addresses as the associated interface address. 3500 */ 3501 /* search for a link-local addr */ 3502 ifa = (struct ifaddr *)in6ifa_ifpforlinklocal(ifp, 3503 IN6_IFF_NOTREADY | IN6_IFF_ANYCAST); 3504 if (ifa == NULL) { 3505 struct in6_ifaddr *ia6; 3506 ifnet_lock_shared(ifp); 3507 IFP_TO_IA6(ifp, ia6); 3508 ifnet_lock_done(ifp); 3509 if (ia6 != NULL) 3510 ifa = &ia6->ia_ifa; 3511 /* should we care about ia6_flags? */ 3512 } 3513 NDPR_LOCK(pr); 3514 if (ifa == NULL) { 3515 /* 3516 * This can still happen, when, for example, we receive an RA 3517 * containing a prefix with the L bit set and the A bit clear, 3518 * after removing all IPv6 addresses on the receiving 3519 * interface. This should, of course, be rare though. 3520 */ 3521 nd6log((LOG_NOTICE, 3522 "nd6_prefix_onlink: failed to find any ifaddr" 3523 " to add route for a prefix(%s/%d) on %s\n", 3524 ip6_sprintf(&pr->ndpr_prefix.sin6_addr), 3525 pr->ndpr_plen, if_name(ifp))); 3526 NDPR_UNLOCK(pr); 3527 return (0); 3528 } 3529 3530 /* 3531 * in6_ifinit() sets nd6_rtrequest to ifa_rtrequest for all ifaddrs. 3532 * ifa->ifa_rtrequest = nd6_rtrequest; 3533 */ 3534 bzero(&mask6, sizeof (mask6)); 3535 mask6.sin6_len = sizeof (mask6); 3536 mask6.sin6_addr = pr->ndpr_mask; 3537 prefix = pr->ndpr_prefix; 3538 if ((rt = pr->ndpr_rt) != NULL) 3539 pr->ndpr_rt = NULL; 3540 NDPR_ADDREF_LOCKED(pr); /* keep reference for this routine */ 3541 NDPR_UNLOCK(pr); 3542 3543 IFA_LOCK_SPIN(ifa); 3544 rtflags = ifa->ifa_flags | RTF_CLONING | RTF_UP; 3545 IFA_UNLOCK(ifa); 3546 if (nd6_need_cache(ifp)) { 3547 /* explicitly set in case ifa_flags does not set the flag. */ 3548 rtflags |= RTF_CLONING; 3549 } else { 3550 /* 3551 * explicitly clear the cloning bit in case ifa_flags sets it. 3552 */ 3553 rtflags &= ~RTF_CLONING; 3554 } 3555 3556 lck_mtx_unlock(nd6_mutex); 3557 3558 if (rt != NULL) { 3559 rtfree(rt); 3560 rt = NULL; 3561 } 3562 3563 error = rtrequest_scoped(RTM_ADD, (struct sockaddr *)&prefix, 3564 ifa->ifa_addr, (struct sockaddr *)&mask6, rtflags, &rt, 3565 ifscope); 3566 3567 /* 3568 * Serialize the setting of NDPRF_PRPROXY. 3569 */ 3570 lck_mtx_lock(&proxy6_lock); 3571 3572 if (rt != NULL) { 3573 RT_LOCK(rt); 3574 nd6_rtmsg(RTM_ADD, rt); 3575 RT_UNLOCK(rt); 3576 NDPR_LOCK(pr); 3577 } else { 3578 NDPR_LOCK(pr); 3579 nd6log((LOG_ERR, "nd6_prefix_onlink: failed to add route for a" 3580 " prefix (%s/%d) on %s, gw=%s, mask=%s, flags=%lx," 3581 " scoped=%d, errno = %d\n", 3582 ip6_sprintf(&pr->ndpr_prefix.sin6_addr), 3583 pr->ndpr_plen, if_name(ifp), 3584 ip6_sprintf(&((struct sockaddr_in6 *) 3585 (void *)ifa->ifa_addr)->sin6_addr), 3586 ip6_sprintf(&mask6.sin6_addr), rtflags, 3587 (ifscope != IFSCOPE_NONE), error)); 3588 } 3589 NDPR_LOCK_ASSERT_HELD(pr); 3590 3591 pr->ndpr_stateflags &= ~(NDPRF_IFSCOPE | NDPRF_PRPROXY); 3592 3593 /* 3594 * TODO: If the prefix route exists, we should really find it and 3595 * refer the prefix to it; otherwise ndpr_rt is NULL. 3596 */ 3597 if (!(pr->ndpr_stateflags & NDPRF_DEFUNCT) && 3598 (rt != NULL || error == EEXIST)) { 3599 struct nd_ifinfo *ndi; 3600 3601 VERIFY(pr->ndpr_prproxy_sols_cnt == 0); 3602 VERIFY(RB_EMPTY(&pr->ndpr_prproxy_sols)); 3603 3604 lck_rw_lock_shared(nd_if_rwlock); 3605 ndi = ND_IFINFO(ifp); 3606 VERIFY(ndi != NULL && ndi->initialized); 3607 lck_mtx_lock(&ndi->lock); 3608 3609 pr->ndpr_rt = rt; /* keep reference from rtrequest */ 3610 pr->ndpr_stateflags |= NDPRF_ONLINK; 3611 if (ifscope != IFSCOPE_NONE) { 3612 pr->ndpr_stateflags |= NDPRF_IFSCOPE; 3613 } else if ((rtflags & RTF_CLONING) && 3614 (ndi->flags & ND6_IFF_PROXY_PREFIXES) && 3615 !IN6_IS_ADDR_LINKLOCAL(&pr->ndpr_prefix.sin6_addr)) { 3616 /* 3617 * At present, in order for the prefix to be eligible 3618 * as a proxying/proxied prefix, we require that the 3619 * prefix route entry be marked as a cloning route with 3620 * RTF_PROXY; i.e. nd6_need_cache() needs to return 3621 * true for the interface type, hence the test for 3622 * RTF_CLONING above. 3623 */ 3624 pr->ndpr_stateflags |= NDPRF_PRPROXY; 3625 } 3626 3627 lck_mtx_unlock(&ndi->lock); 3628 lck_rw_done(nd_if_rwlock); 3629 } else if (rt != NULL && pr->ndpr_stateflags & NDPRF_DEFUNCT) 3630 rtfree(rt); 3631 3632 prproxy = (pr->ndpr_stateflags & NDPRF_PRPROXY); 3633 VERIFY(!prproxy || !(pr->ndpr_stateflags & NDPRF_IFSCOPE)); 3634 NDPR_UNLOCK(pr); 3635 3636 IFA_REMREF(ifa); 3637 3638 /* 3639 * If this is an upstream prefix, find the downstream ones (if any) 3640 * and re-configure their prefix routes accordingly. Otherwise, 3641 * this could be potentially be a downstream prefix, and so find the 3642 * upstream prefix, if any. 3643 */ 3644 nd6_prproxy_prelist_update(pr, prproxy ? pr : NULL); 3645 3646 NDPR_REMREF(pr); /* release reference for this routine */ 3647 lck_mtx_unlock(&proxy6_lock); 3648 3649 lck_mtx_lock(nd6_mutex); 3650 3651 return (error); 3652} 3653 3654int 3655nd6_prefix_onlink(struct nd_prefix *pr) 3656{ 3657 return (nd6_prefix_onlink_common(pr, FALSE, IFSCOPE_NONE)); 3658} 3659 3660int 3661nd6_prefix_onlink_scoped(struct nd_prefix *pr, unsigned int ifscope) 3662{ 3663 return (nd6_prefix_onlink_common(pr, TRUE, ifscope)); 3664} 3665 3666int 3667nd6_prefix_offlink(struct nd_prefix *pr) 3668{ 3669 int plen, error = 0, prproxy; 3670 struct ifnet *ifp = pr->ndpr_ifp; 3671 struct nd_prefix *opr; 3672 struct sockaddr_in6 sa6, mask6, prefix; 3673 struct rtentry *rt = NULL, *ndpr_rt = NULL; 3674 unsigned int ifscope; 3675 3676 lck_mtx_assert(nd6_mutex, LCK_MTX_ASSERT_NOTOWNED); 3677 3678 /* sanity check */ 3679 NDPR_LOCK(pr); 3680 if ((pr->ndpr_stateflags & NDPRF_ONLINK) == 0) { 3681 nd6log((LOG_ERR, 3682 "nd6_prefix_offlink: %s/%d on %s scoped=%d is already " 3683 "off-link\n", ip6_sprintf(&pr->ndpr_prefix.sin6_addr), 3684 pr->ndpr_plen, if_name(pr->ndpr_ifp), 3685 (pr->ndpr_stateflags & NDPRF_IFSCOPE) ? 1 : 0)); 3686 NDPR_UNLOCK(pr); 3687 return (EEXIST); 3688 } 3689 3690 bzero(&sa6, sizeof (sa6)); 3691 sa6.sin6_family = AF_INET6; 3692 sa6.sin6_len = sizeof (sa6); 3693 bcopy(&pr->ndpr_prefix.sin6_addr, &sa6.sin6_addr, 3694 sizeof (struct in6_addr)); 3695 bzero(&mask6, sizeof (mask6)); 3696 mask6.sin6_family = AF_INET6; 3697 mask6.sin6_len = sizeof (sa6); 3698 bcopy(&pr->ndpr_mask, &mask6.sin6_addr, sizeof (struct in6_addr)); 3699 prefix = pr->ndpr_prefix; 3700 plen = pr->ndpr_plen; 3701 if ((ndpr_rt = pr->ndpr_rt) != NULL) 3702 pr->ndpr_rt = NULL; 3703 NDPR_ADDREF_LOCKED(pr); /* keep reference for this routine */ 3704 NDPR_UNLOCK(pr); 3705 3706 ifscope = (pr->ndpr_stateflags & NDPRF_IFSCOPE) ? 3707 ifp->if_index : IFSCOPE_NONE; 3708 3709 error = rtrequest_scoped(RTM_DELETE, (struct sockaddr *)&sa6, 3710 NULL, (struct sockaddr *)&mask6, 0, &rt, ifscope); 3711 3712 if (rt != NULL) { 3713 /* report the route deletion to the routing socket. */ 3714 RT_LOCK(rt); 3715 nd6_rtmsg(RTM_DELETE, rt); 3716 RT_UNLOCK(rt); 3717 rtfree(rt); 3718 3719 /* 3720 * The following check takes place only when Scoped Routing 3721 * is not enabled. There might be the same prefix on another 3722 * interface, the prefix which could not be on-link just 3723 * because we have the interface route (see comments in 3724 * nd6_prefix_onlink). If there's one, try to make the prefix 3725 * on-link on the interface. 3726 */ 3727 lck_mtx_lock(nd6_mutex); 3728 opr = nd_prefix.lh_first; 3729 while (opr) { 3730 /* does not apply in the Scoped Routing case */ 3731 if (ip6_doscopedroute) 3732 break; 3733 3734 if (opr == pr) { 3735 opr = opr->ndpr_next; 3736 continue; 3737 } 3738 3739 NDPR_LOCK(opr); 3740 if ((opr->ndpr_stateflags & NDPRF_ONLINK) != 0) { 3741 NDPR_UNLOCK(opr); 3742 opr = opr->ndpr_next; 3743 continue; 3744 } 3745 /* 3746 * KAME specific: detached prefixes should not be 3747 * on-link. 3748 */ 3749 if ((opr->ndpr_stateflags & NDPRF_DETACHED) != 0) { 3750 NDPR_UNLOCK(opr); 3751 opr = opr->ndpr_next; 3752 continue; 3753 } 3754 if (opr->ndpr_plen == plen && 3755 in6_are_prefix_equal(&prefix.sin6_addr, 3756 &opr->ndpr_prefix.sin6_addr, plen)) { 3757 int e; 3758 3759 NDPR_ADDREF_LOCKED(opr); 3760 NDPR_UNLOCK(opr); 3761 if ((e = nd6_prefix_onlink(opr)) != 0) { 3762 nd6log((LOG_ERR, 3763 "nd6_prefix_offlink: failed to " 3764 "recover a prefix %s/%d from %s " 3765 "to %s (errno = %d)\n", 3766 ip6_sprintf( 3767 &opr->ndpr_prefix.sin6_addr), 3768 opr->ndpr_plen, if_name(ifp), 3769 if_name(opr->ndpr_ifp), e)); 3770 } 3771 NDPR_REMREF(opr); 3772 opr = nd_prefix.lh_first; 3773 } else { 3774 NDPR_UNLOCK(opr); 3775 opr = opr->ndpr_next; 3776 } 3777 } 3778 lck_mtx_unlock(nd6_mutex); 3779 } else { 3780 nd6log((LOG_ERR, 3781 "nd6_prefix_offlink: failed to delete route: " 3782 "%s/%d on %s, scoped %d, (errno = %d)\n", 3783 ip6_sprintf(&sa6.sin6_addr), plen, if_name(ifp), 3784 (ifscope != IFSCOPE_NONE), error)); 3785 } 3786 3787 if (ndpr_rt != NULL) 3788 rtfree(ndpr_rt); 3789 3790 lck_mtx_lock(&proxy6_lock); 3791 3792 NDPR_LOCK(pr); 3793 prproxy = (pr->ndpr_stateflags & NDPRF_PRPROXY); 3794 VERIFY(!prproxy || !(pr->ndpr_stateflags & NDPRF_IFSCOPE)); 3795 pr->ndpr_stateflags &= ~(NDPRF_ONLINK | NDPRF_IFSCOPE | NDPRF_PRPROXY); 3796 if (pr->ndpr_prproxy_sols_cnt > 0) { 3797 VERIFY(prproxy); 3798 nd6_prproxy_sols_reap(pr); 3799 VERIFY(pr->ndpr_prproxy_sols_cnt == 0); 3800 VERIFY(RB_EMPTY(&pr->ndpr_prproxy_sols)); 3801 } 3802 NDPR_UNLOCK(pr); 3803 3804 /* 3805 * If this was an upstream prefix, find the downstream ones and do 3806 * some cleanups. If this was a downstream prefix, the prefix route 3807 * has been removed from the routing table above, but there may be 3808 * other tasks to perform. 3809 */ 3810 nd6_prproxy_prelist_update(pr, prproxy ? pr : NULL); 3811 3812 NDPR_REMREF(pr); /* release reference for this routine */ 3813 lck_mtx_unlock(&proxy6_lock); 3814 3815 return (error); 3816} 3817 3818static struct in6_ifaddr * 3819in6_pfx_newpersistaddr(struct nd_prefix *pr, int mcast, int *errorp) 3820{ 3821 struct in6_ifaddr *ia6; 3822 struct ifnet *ifp; 3823 struct nd_ifinfo *ndi; 3824 struct in6_addr mask; 3825 struct in6_aliasreq ifra; 3826 int error, ifaupdate, iidlen, notcga; 3827 3828 VERIFY(pr != NULL); 3829 VERIFY(errorp != NULL); 3830 3831 NDPR_LOCK(pr); 3832 ifp = pr->ndpr_ifp; 3833 ia6 = NULL; 3834 error = 0; 3835 3836 /* 3837 * Prefix Length check: 3838 * If the sum of the prefix length and interface identifier 3839 * length does not equal 128 bits, the Prefix Information 3840 * option MUST be ignored. The length of the interface 3841 * identifier is defined in a separate link-type specific 3842 * document. 3843 */ 3844 iidlen = in6_if2idlen(ifp); 3845 if (iidlen < 0) { 3846 error = EADDRNOTAVAIL; 3847 /* this should not happen, so we always log it. */ 3848 log(LOG_ERR, "%s: IID length undefined (%s)\n", 3849 __func__, if_name(ifp)); 3850 goto unlock1; 3851 } else if (iidlen != 64) { 3852 error = EADDRNOTAVAIL; 3853 /* 3854 * stateless autoconfiguration not yet well-defined for IID 3855 * lengths other than 64 octets. Just give up for now. 3856 */ 3857 nd6log((LOG_INFO, "%s: IID length not 64 octets (%s)\n", 3858 __func__, if_name(ifp))); 3859 goto unlock1; 3860 } 3861 3862 if (iidlen + pr->ndpr_plen != 128) { 3863 error = EADDRNOTAVAIL; 3864 nd6log((LOG_INFO, 3865 "%s: invalid prefix length %d for %s, ignored\n", 3866 __func__, pr->ndpr_plen, if_name(ifp))); 3867 goto unlock1; 3868 } 3869 3870 lck_rw_lock_shared(nd_if_rwlock); 3871 if (ifp->if_index >= nd_ifinfo_indexlim) { 3872 error = EADDRNOTAVAIL; 3873 nd6log((LOG_INFO, 3874 "%s: invalid prefix length %d for %s, ignored\n", 3875 __func__, pr->ndpr_plen, if_name(ifp))); 3876 goto unlock2; 3877 } 3878 3879 bzero(&ifra, sizeof (ifra)); 3880 strlcpy(ifra.ifra_name, if_name(ifp), sizeof (ifra.ifra_name)); 3881 ifra.ifra_addr.sin6_family = AF_INET6; 3882 ifra.ifra_addr.sin6_len = sizeof (struct sockaddr_in6); 3883 3884 /* prefix */ 3885 bcopy(&pr->ndpr_prefix.sin6_addr, &ifra.ifra_addr.sin6_addr, 3886 sizeof (ifra.ifra_addr.sin6_addr)); 3887 in6_len2mask(&mask, pr->ndpr_plen); 3888 ifra.ifra_addr.sin6_addr.s6_addr32[0] &= mask.s6_addr32[0]; 3889 ifra.ifra_addr.sin6_addr.s6_addr32[1] &= mask.s6_addr32[1]; 3890 ifra.ifra_addr.sin6_addr.s6_addr32[2] &= mask.s6_addr32[2]; 3891 ifra.ifra_addr.sin6_addr.s6_addr32[3] &= mask.s6_addr32[3]; 3892 3893 ndi = &nd_ifinfo[ifp->if_index]; 3894 VERIFY(ndi->initialized); 3895 lck_mtx_lock(&ndi->lock); 3896 3897 notcga = nd6_send_opstate == ND6_SEND_OPMODE_DISABLED || 3898 (ndi->flags & ND6_IFF_INSECURE) != 0; 3899 3900 lck_mtx_unlock(&ndi->lock); 3901 lck_rw_done(nd_if_rwlock); 3902 NDPR_UNLOCK(pr); 3903 3904 if (notcga) { 3905 ia6 = in6ifa_ifpforlinklocal(ifp, 0); 3906 if (ia6 == NULL) { 3907 error = EADDRNOTAVAIL; 3908 nd6log((LOG_INFO, "%s: no link-local address (%s)\n", 3909 __func__, if_name(ifp))); 3910 goto done; 3911 } 3912 3913 IFA_LOCK(&ia6->ia_ifa); 3914 ifra.ifra_addr.sin6_addr.s6_addr32[0] |= 3915 (ia6->ia_addr.sin6_addr.s6_addr32[0] & ~mask.s6_addr32[0]); 3916 ifra.ifra_addr.sin6_addr.s6_addr32[1] |= 3917 (ia6->ia_addr.sin6_addr.s6_addr32[1] & ~mask.s6_addr32[1]); 3918 ifra.ifra_addr.sin6_addr.s6_addr32[2] |= 3919 (ia6->ia_addr.sin6_addr.s6_addr32[2] & ~mask.s6_addr32[2]); 3920 ifra.ifra_addr.sin6_addr.s6_addr32[3] |= 3921 (ia6->ia_addr.sin6_addr.s6_addr32[3] & ~mask.s6_addr32[3]); 3922 IFA_UNLOCK(&ia6->ia_ifa); 3923 IFA_REMREF(&ia6->ia_ifa); 3924 ia6 = NULL; 3925 } else { 3926 in6_cga_node_lock(); 3927 error = in6_cga_generate(NULL, 0, &ifra.ifra_addr.sin6_addr); 3928 in6_cga_node_unlock(); 3929 if (error == 0) 3930 ifra.ifra_flags |= IN6_IFF_SECURED; 3931 else { 3932 nd6log((LOG_ERR, "%s: no CGA available (%s)\n", 3933 __func__, if_name(ifp))); 3934 goto done; 3935 } 3936 } 3937 3938 VERIFY(ia6 == NULL); 3939 3940 /* new prefix mask. */ 3941 ifra.ifra_prefixmask.sin6_len = sizeof (struct sockaddr_in6); 3942 ifra.ifra_prefixmask.sin6_family = AF_INET6; 3943 bcopy(&mask, &ifra.ifra_prefixmask.sin6_addr, 3944 sizeof (ifra.ifra_prefixmask.sin6_addr)); 3945 3946 /* lifetimes. */ 3947 ifra.ifra_lifetime.ia6t_vltime = pr->ndpr_vltime; 3948 ifra.ifra_lifetime.ia6t_pltime = pr->ndpr_pltime; 3949 3950 /* address flags */ 3951 ifra.ifra_flags |= IN6_IFF_AUTOCONF; /* obey autoconf */ 3952 3953 /* 3954 * Make sure that we do not have this address already. This should 3955 * usually not happen, but we can still see this case, e.g., if we 3956 * have manually configured the exact address to be configured. 3957 */ 3958 if ((ia6 = in6ifa_ifpwithaddr(ifp, &ifra.ifra_addr.sin6_addr)) 3959 != NULL) { 3960 error = EADDRNOTAVAIL; 3961 IFA_REMREF(&ia6->ia_ifa); 3962 ia6 = NULL; 3963 3964 /* this should be rare enough to make an explicit log */ 3965 log(LOG_INFO, "%s: %s is already configured!\n", 3966 __func__, ip6_sprintf(&ifra.ifra_addr.sin6_addr)); 3967 goto done; 3968 } 3969 3970 /* 3971 * Allocate ifaddr structure, link into chain, etc. 3972 * If we are going to create a new address upon receiving a multicasted 3973 * RA, we need to impose a random delay before starting DAD. 3974 * [RFC 4862, Section 5.4.2] 3975 */ 3976 ifaupdate = IN6_IFAUPDATE_NOWAIT; 3977 if (mcast) 3978 ifaupdate |= IN6_IFAUPDATE_DADDELAY; 3979 error = in6_update_ifa(ifp, &ifra, ifaupdate, &ia6); 3980 if (error != 0) { 3981 nd6log((LOG_ERR, 3982 "%s: failed to make ifaddr %s on %s (errno=%d)\n", 3983 __func__, ip6_sprintf(&ifra.ifra_addr.sin6_addr), 3984 if_name(ifp), error)); 3985 error = EADDRNOTAVAIL; 3986 goto done; 3987 } 3988 3989 VERIFY(ia6 != NULL); 3990 in6_post_msg(ifp, KEV_INET6_NEW_RTADV_ADDR, ia6, NULL); 3991 goto done; 3992 3993unlock2: 3994 lck_rw_done(nd_if_rwlock); 3995 3996unlock1: 3997 NDPR_UNLOCK(pr); 3998 3999done: 4000 *errorp = error; 4001 return (ia6); 4002} 4003 4004#define IA6_NONCONST(i) ((struct in6_ifaddr *)(uintptr_t)(i)) 4005 4006int 4007in6_tmpifadd(const struct in6_ifaddr *ia0, int forcegen) 4008{ 4009 struct ifnet *ifp = ia0->ia_ifa.ifa_ifp; 4010 struct in6_ifaddr *ia, *newia; 4011 struct in6_aliasreq ifra; 4012 int i, error, ifaupdate; 4013 int trylimit = 3; /* XXX: adhoc value */ 4014 u_int32_t randid[2]; 4015 time_t vltime0, pltime0; 4016 uint64_t timenow = net_uptime(); 4017 struct in6_addr addr; 4018 struct nd_prefix *ndpr; 4019 4020 bzero(&ifra, sizeof (ifra)); 4021 strlcpy(ifra.ifra_name, if_name(ifp), sizeof (ifra.ifra_name)); 4022 IFA_LOCK(&IA6_NONCONST(ia0)->ia_ifa); 4023 ifra.ifra_addr = ia0->ia_addr; 4024 /* copy prefix mask */ 4025 ifra.ifra_prefixmask = ia0->ia_prefixmask; 4026 /* clear the old IFID */ 4027 for (i = 0; i < 4; i++) { 4028 ifra.ifra_addr.sin6_addr.s6_addr32[i] 4029 &= ifra.ifra_prefixmask.sin6_addr.s6_addr32[i]; 4030 } 4031 addr = ia0->ia_addr.sin6_addr; 4032 IFA_UNLOCK(&IA6_NONCONST(ia0)->ia_ifa); 4033 4034again: 4035 in6_iid_mktmp(ifp, (u_int8_t *)randid, 4036 (const u_int8_t *)&addr.s6_addr[8], forcegen); 4037 4038 ifra.ifra_addr.sin6_addr.s6_addr32[2] |= 4039 (randid[0] & ~(ifra.ifra_prefixmask.sin6_addr.s6_addr32[2])); 4040 ifra.ifra_addr.sin6_addr.s6_addr32[3] |= 4041 (randid[1] & ~(ifra.ifra_prefixmask.sin6_addr.s6_addr32[3])); 4042 4043 /* 4044 * in6_iid_mktmp() quite likely provided a unique interface ID. 4045 * However, we may still have a chance to see collision, because 4046 * there may be a time lag between generation of the ID and generation 4047 * of the address. So, we'll do one more sanity check. 4048 */ 4049 if ((ia = in6ifa_ifpwithaddr(ifp, &ifra.ifra_addr.sin6_addr)) != NULL) { 4050 IFA_REMREF(&ia->ia_ifa); 4051 if (trylimit-- == 0) { 4052 nd6log((LOG_NOTICE, "in6_tmpifadd: failed to find " 4053 "a unique random IFID\n")); 4054 return (EEXIST); 4055 } 4056 forcegen = 1; 4057 goto again; 4058 } 4059 4060 /* 4061 * The Valid Lifetime is the lower of the Valid Lifetime of the 4062 * public address or TEMP_VALID_LIFETIME. 4063 * The Preferred Lifetime is the lower of the Preferred Lifetime 4064 * of the public address or TEMP_PREFERRED_LIFETIME - 4065 * DESYNC_FACTOR. 4066 */ 4067 IFA_LOCK(&IA6_NONCONST(ia0)->ia_ifa); 4068 if (ia0->ia6_lifetime.ia6ti_vltime != ND6_INFINITE_LIFETIME) { 4069 vltime0 = IFA6_IS_INVALID(ia0, timenow) ? 0 : 4070 (ia0->ia6_lifetime.ia6ti_vltime - 4071 (timenow - ia0->ia6_updatetime)); 4072 if (vltime0 > ip6_temp_valid_lifetime) 4073 vltime0 = ip6_temp_valid_lifetime; 4074 } else { 4075 vltime0 = ip6_temp_valid_lifetime; 4076 } 4077 if (ia0->ia6_lifetime.ia6ti_pltime != ND6_INFINITE_LIFETIME) { 4078 pltime0 = IFA6_IS_DEPRECATED(ia0, timenow) ? 0 : 4079 (ia0->ia6_lifetime.ia6ti_pltime - 4080 (timenow - ia0->ia6_updatetime)); 4081 if (pltime0 > ip6_temp_preferred_lifetime - ip6_desync_factor) 4082 pltime0 = ip6_temp_preferred_lifetime - 4083 ip6_desync_factor; 4084 } else { 4085 pltime0 = ip6_temp_preferred_lifetime - ip6_desync_factor; 4086 } 4087 ifra.ifra_lifetime.ia6t_vltime = vltime0; 4088 ifra.ifra_lifetime.ia6t_pltime = pltime0; 4089 IFA_UNLOCK(&IA6_NONCONST(ia0)->ia_ifa); 4090 /* 4091 * A temporary address is created only if this calculated Preferred 4092 * Lifetime is greater than REGEN_ADVANCE time units. 4093 */ 4094 if (ifra.ifra_lifetime.ia6t_pltime <= ip6_temp_regen_advance) 4095 return (0); 4096 4097 /* XXX: scope zone ID? */ 4098 4099 ifra.ifra_flags |= (IN6_IFF_AUTOCONF|IN6_IFF_TEMPORARY); 4100 4101 /* allocate ifaddr structure, link into chain, etc. */ 4102 ifaupdate = IN6_IFAUPDATE_NOWAIT | IN6_IFAUPDATE_DADDELAY; 4103 error = in6_update_ifa(ifp, &ifra, ifaupdate, &newia); 4104 if (error != 0) { 4105 nd6log((LOG_ERR, "in6_tmpifadd: failed to add address.\n")); 4106 return (error); 4107 } 4108 VERIFY(newia != NULL); 4109 4110 IFA_LOCK(&IA6_NONCONST(ia0)->ia_ifa); 4111 ndpr = ia0->ia6_ndpr; 4112 if (ndpr == NULL) { 4113 /* 4114 * We lost the race with another thread that has purged 4115 * ia0 address; in this case, purge the tmp addr as well. 4116 */ 4117 nd6log((LOG_ERR, "in6_tmpifadd: no public address\n")); 4118 VERIFY(!(ia0->ia6_flags & IN6_IFF_AUTOCONF)); 4119 IFA_UNLOCK(&IA6_NONCONST(ia0)->ia_ifa); 4120 in6_purgeaddr(&newia->ia_ifa); 4121 IFA_REMREF(&newia->ia_ifa); 4122 return (EADDRNOTAVAIL); 4123 } 4124 NDPR_ADDREF(ndpr); /* for us */ 4125 IFA_UNLOCK(&IA6_NONCONST(ia0)->ia_ifa); 4126 IFA_LOCK(&newia->ia_ifa); 4127 if (newia->ia6_ndpr != NULL) { 4128 NDPR_LOCK(newia->ia6_ndpr); 4129 VERIFY(newia->ia6_ndpr->ndpr_addrcnt != 0); 4130 newia->ia6_ndpr->ndpr_addrcnt--; 4131 NDPR_UNLOCK(newia->ia6_ndpr); 4132 NDPR_REMREF(newia->ia6_ndpr); /* release addr reference */ 4133 } 4134 newia->ia6_ndpr = ndpr; 4135 NDPR_LOCK(newia->ia6_ndpr); 4136 newia->ia6_ndpr->ndpr_addrcnt++; 4137 VERIFY(newia->ia6_ndpr->ndpr_addrcnt != 0); 4138 NDPR_ADDREF_LOCKED(newia->ia6_ndpr); /* for addr reference */ 4139 NDPR_UNLOCK(newia->ia6_ndpr); 4140 IFA_UNLOCK(&newia->ia_ifa); 4141 /* 4142 * A newly added address might affect the status of other addresses. 4143 * XXX: when the temporary address is generated with a new public 4144 * address, the onlink check is redundant. However, it would be safe 4145 * to do the check explicitly everywhere a new address is generated, 4146 * and, in fact, we surely need the check when we create a new 4147 * temporary address due to deprecation of an old temporary address. 4148 */ 4149 lck_mtx_lock(nd6_mutex); 4150 pfxlist_onlink_check(); 4151 lck_mtx_unlock(nd6_mutex); 4152 IFA_REMREF(&newia->ia_ifa); 4153 4154 /* remove our reference */ 4155 NDPR_REMREF(ndpr); 4156 4157 return (0); 4158} 4159#undef IA6_NONCONST 4160 4161int 4162in6_init_prefix_ltimes(struct nd_prefix *ndpr) 4163{ 4164 struct timeval caltime; 4165 u_int64_t timenow = net_uptime(); 4166 4167 NDPR_LOCK_ASSERT_HELD(ndpr); 4168 4169 getmicrotime(&caltime); 4170 ndpr->ndpr_base_calendartime = caltime.tv_sec; 4171 ndpr->ndpr_base_uptime = timenow; 4172 4173 /* check if preferred lifetime > valid lifetime. RFC 4862 5.5.3 (c) */ 4174 if (ndpr->ndpr_pltime > ndpr->ndpr_vltime) { 4175 nd6log((LOG_INFO, "in6_init_prefix_ltimes: preferred lifetime" 4176 "(%d) is greater than valid lifetime(%d)\n", 4177 (u_int)ndpr->ndpr_pltime, (u_int)ndpr->ndpr_vltime)); 4178 return (EINVAL); 4179 } 4180 if (ndpr->ndpr_pltime == ND6_INFINITE_LIFETIME) 4181 ndpr->ndpr_preferred = 0; 4182 else 4183 ndpr->ndpr_preferred = timenow + ndpr->ndpr_pltime; 4184 if (ndpr->ndpr_vltime == ND6_INFINITE_LIFETIME) 4185 ndpr->ndpr_expire = 0; 4186 else 4187 ndpr->ndpr_expire = timenow + ndpr->ndpr_vltime; 4188 4189 return (0); 4190} 4191 4192static void 4193in6_init_address_ltimes(struct nd_prefix *new, struct in6_addrlifetime *lt6) 4194{ 4195#pragma unused(new) 4196 uint64_t timenow = net_uptime(); 4197 4198 /* Valid lifetime must not be updated unless explicitly specified. */ 4199 /* init ia6t_expire */ 4200 if (lt6->ia6t_vltime == ND6_INFINITE_LIFETIME) { 4201 lt6->ia6t_expire = 0; 4202 } else { 4203 lt6->ia6t_expire = timenow; 4204 lt6->ia6t_expire += lt6->ia6t_vltime; 4205 } 4206 4207 /* init ia6t_preferred */ 4208 if (lt6->ia6t_pltime == ND6_INFINITE_LIFETIME) { 4209 lt6->ia6t_preferred = 0; 4210 } else { 4211 lt6->ia6t_preferred = timenow; 4212 lt6->ia6t_preferred += lt6->ia6t_pltime; 4213 } 4214} 4215 4216/* 4217 * Delete all the routing table entries that use the specified gateway. 4218 * XXX: this function causes search through all entries of routing table, so 4219 * it shouldn't be called when acting as a router. 4220 */ 4221void 4222rt6_flush( 4223 struct in6_addr *gateway, 4224 struct ifnet *ifp) 4225{ 4226 struct radix_node_head *rnh = rt_tables[AF_INET6]; 4227 4228 /* We'll care only link-local addresses */ 4229 if (!IN6_IS_ADDR_LINKLOCAL(gateway)) { 4230 return; 4231 } 4232 lck_mtx_lock(rnh_lock); 4233 /* XXX: hack for KAME's link-local address kludge */ 4234 gateway->s6_addr16[1] = htons(ifp->if_index); 4235 4236 rnh->rnh_walktree(rnh, rt6_deleteroute, (void *)gateway); 4237 lck_mtx_unlock(rnh_lock); 4238} 4239 4240static int 4241rt6_deleteroute( 4242 struct radix_node *rn, 4243 void *arg) 4244{ 4245 struct rtentry *rt = (struct rtentry *)rn; 4246 struct in6_addr *gate = (struct in6_addr *)arg; 4247 4248 lck_mtx_assert(rnh_lock, LCK_MTX_ASSERT_OWNED); 4249 4250 RT_LOCK(rt); 4251 if (rt->rt_gateway == NULL || rt->rt_gateway->sa_family != AF_INET6) { 4252 RT_UNLOCK(rt); 4253 return (0); 4254 } 4255 4256 if (!IN6_ARE_ADDR_EQUAL(gate, &SIN6(rt->rt_gateway)->sin6_addr)) { 4257 RT_UNLOCK(rt); 4258 return (0); 4259 } 4260 /* 4261 * Do not delete a static route. 4262 * XXX: this seems to be a bit ad-hoc. Should we consider the 4263 * 'cloned' bit instead? 4264 */ 4265 if ((rt->rt_flags & RTF_STATIC) != 0) { 4266 RT_UNLOCK(rt); 4267 return (0); 4268 } 4269 /* 4270 * We delete only host route. This means, in particular, we don't 4271 * delete default route. 4272 */ 4273 if ((rt->rt_flags & RTF_HOST) == 0) { 4274 RT_UNLOCK(rt); 4275 return (0); 4276 } 4277 4278 /* 4279 * Safe to drop rt_lock and use rt_key, rt_gateway, since holding 4280 * rnh_lock here prevents another thread from calling rt_setgate() 4281 * on this route. 4282 */ 4283 RT_UNLOCK(rt); 4284 return (rtrequest_locked(RTM_DELETE, rt_key(rt), rt->rt_gateway, 4285 rt_mask(rt), rt->rt_flags, 0)); 4286} 4287 4288int 4289nd6_setdefaultiface( 4290 int ifindex) 4291{ 4292 int error = 0; 4293 ifnet_t def_ifp = NULL; 4294 4295 lck_mtx_assert(nd6_mutex, LCK_MTX_ASSERT_NOTOWNED); 4296 4297 ifnet_head_lock_shared(); 4298 if (ifindex < 0 || if_index < ifindex) { 4299 ifnet_head_done(); 4300 return (EINVAL); 4301 } 4302 def_ifp = ifindex2ifnet[ifindex]; 4303 ifnet_head_done(); 4304 4305 lck_mtx_lock(nd6_mutex); 4306 if (nd6_defifindex != ifindex) { 4307 struct ifnet *odef_ifp = nd6_defifp; 4308 4309 nd6_defifindex = ifindex; 4310 if (nd6_defifindex > 0) 4311 nd6_defifp = def_ifp; 4312 else 4313 nd6_defifp = NULL; 4314 4315 if (nd6_defifp != NULL) 4316 nd6log((LOG_INFO, "%s: is now the default " 4317 "interface (was %s)\n", if_name(nd6_defifp), 4318 odef_ifp != NULL ? if_name(odef_ifp) : "NONE")); 4319 else 4320 nd6log((LOG_INFO, "No default interface set\n")); 4321 4322 /* 4323 * If the Default Router List is empty, install a route 4324 * to the specified interface as default or remove the default 4325 * route when the default interface becomes canceled. 4326 * The check for the queue is actually redundant, but 4327 * we do this here to avoid re-install the default route 4328 * if the list is NOT empty. 4329 */ 4330 if (ip6_doscopedroute || TAILQ_FIRST(&nd_defrouter) == NULL) { 4331 defrtrlist_sync(nd6_defifp); 4332 nd6_prefix_sync(nd6_defifp); 4333 } 4334 4335 /* 4336 * Our current implementation assumes one-to-one mapping between 4337 * interfaces and links, so it would be natural to use the 4338 * default interface as the default link. 4339 */ 4340 scope6_setdefault(nd6_defifp); 4341 } 4342 lck_mtx_unlock(nd6_mutex); 4343 4344 return (error); 4345} 4346